The information in this article applies:
Product: Knowledge Exchange
Version: 6.1.x
Issue
- How do I configureKrb5.ini
?
Resolution
- In the first section, [libdefaults], replace testserver. com with your Active Directory Server domain. This must be in caps.
[libdefaults]
default_realm=TESTSERVER.COM
default_tkt_enctypes=rc4-hmac des-cbc-md5 des-cbc-crc des3-cbc-sha1
default_tgs_enctypes=rc4-hmac des-cbc-md5 des-cbc-crc des3-cbc-sha1
permitted_enctypes=rc4-hmac des-cbc-md5 des-cbc-crc des3-cbc-sha1
kdc_req_checksum_type=2
ccache_type=2
ticket_lifetime=600
- Next, modify the [realms] section. start the section with the same ad server domain you specified above. on then next line (KDC =), specify any domain controller in that ad server domain. if there are no child realms, ignore the child1.testserver. COM = {} section or remove it.
[realms]
TESTSERVER.COM = {
kdc = AD01.TESTSERVER.COM
admin_server = AD01.TESTSERVER.COM
default_domain = TESTSERVER.COM
}
CHILD1.TESTSERVER.COM = {
kdc = PROLDAP01.CHILD1.TESTSERVER.COM
admin_server = PROLDAP01.CHILD1.TESTSERVER.COM
default_domain = CHILD1.TESTSERVER.COM
}
- In the [domain_realm] section, continue to use the same server domain (and child domains, if you have any .) follow the formatting shown exactly (spaces between equal signs, the right-hand side capitalized, and initial periods as shown .)
[domain_realm]
.testserver.com = TESTSERVER.COM
testserver.com = TESTSERVER.COM
.child1.testserver.com = CHILD1.TESTSERVER.COM
child1.testserver.com = CHILD1.TESTSERVER.COM
- In the last section, [appdefaults], no changes shoshould be made.
[Appdefaults]
Autologin = true
Forward = true
Forwardable = true
Encrypt = true
Source of the original article (Click here)