1[libdefaults] 2 default_realm = TEST.H5L.SE TEST2.H5L.SE 3 no-addresses = TRUE 4 allow_weak_crypto = TRUE 5 6[appdefaults] 7 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt 8 reconnect-min = 2s 9 reconnect-backoff = 2s 10 reconnect-max = 10s 11 12[realms] 13 TEST.H5L.SE = { 14 kdc = localhost:@port@ 15 admin_server = localhost:@admport@ 16 kpasswd_server = localhost:@pwport@ 17 } 18 19[domain_realm] 20 .test.h5l.se = TEST.H5L.SE 21 localhost = TEST.H5L.SE 22 23[kdc] 24 enable-digest = true 25 allow-anonymous = true 26 digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2 27 strict-nametypes = true 28 29 enable-http = true 30 31 enable-pkinit = true 32 pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key 33 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt 34 pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt 35# pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl 36 pkinit_mappings_file = @srcdir@/pki-mapping 37 pkinit_allow_proxy_certificate = true 38 39 database = { 40 label = { 41 dbname = mit-db:@srcdir@/hdb-mitdb 42 realm = TEST.H5L.SE 43 mkey_file = @srcdir@/hdb-mitdb.mkey 44 acl_file = @srcdir@/heimdal.acl 45 log_file = @objdir@/current@kdc@.log 46 } 47 } 48 49 signal_socket = @objdir@/signal 50 iprop-stats = @objdir@/iprop-stats 51 iprop-acl = @srcdir@/iprop-acl 52 53[logging] 54 kdc = 0-/FILE:@objdir@/messages.log 55 default = 0-/FILE:@objdir@/messages.log 56 57[kadmin] 58 save-password = true 59 @dk@ 60 61