1[libdefaults] 2 default_realm = TEST.H5L.SE TEST2.H5L.SE 3 no-addresses = TRUE 4 allow_weak_crypto = @WEAK@ 5 6[appdefaults] 7 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt 8 reconnect-min = 2s 9 reconnect-backoff = 2s 10 reconnect-max = 10s 11 12[realms] 13 TEST.H5L.SE = { 14 kdc = localhost:@port@ 15 admin_server = localhost:@admport@ 16 kpasswd_server = localhost:@pwport@ 17 } 18 19[domain_realm] 20 .test.h5l.se = TEST.H5L.SE 21 localhost = TEST.H5L.SE 22 23[kdc] 24 enable-digest = true 25 allow-anonymous = true 26 digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2 27 28 enable-http = true 29 30 enable-pkinit = true 31 pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key 32 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt 33 pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt 34# pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl 35 pkinit_mappings_file = @srcdir@/pki-mapping 36 pkinit_allow_proxy_certificate = true 37 38 database = { 39 label = { 40 dbname = mit-db:@objdir@/hdb-mitdb 41 realm = TEST.H5L.SE 42 mkey_file = @objdir@/hdb-mitdb.mkey 43 acl_file = @srcdir@/heimdal.acl 44 log_file = @objdir@/current@kdc@.log 45 } 46 } 47 48 signal_socket = @objdir@/signal 49 iprop-stats = @objdir@/iprop-stats 50 iprop-acl = @srcdir@/iprop-acl 51 52[logging] 53 kdc = 0-/FILE:@objdir@/messages.log 54 default = 0-/FILE:@objdir@/messages.log 55 56[kadmin] 57 save-password = true 58 @dk@ 59 60