Red Hat Customer Portal - Access to 24x7 support and knowledge

I'm hitting a sticking point here as I've never done this before.

I'm using the following document from Red Hat for help:

https://access.redhat.com/sites/default/files/attachments/rhel-ad-integration-deployment-guidelines-v1.5.pdf

I'm to the part to install/configure Kerberos Client and I'm not sure how to configure the krb5.conf file

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
[libdefaults]
 default_realm = REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true
[realms]
 REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM = {
 kdc = WIN-SRV1.REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM
 admin_server = WIN-SRV1.REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM
 }
[domain_realm]
 .demo = REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM 
demo = REFARCH-AD.CLOUD.LAB.ENG.BOS.REDHAT.COM

For the default_realm, I believe I'm going to use the FQDN here for the local AD Server, correct

As for the realms, is this the same thing. I'm not really sure what to do for this part. Basically I'm trying to go thru this because if I do that, then I understand.

thanks

Ansible.com

Red Hat Ecosystem Catalog

Red Hat Hybrid Cloud Console

Red Hat Store

Red Hat Summit and AnsibleFest

Configure realms under krb5.conf file for using AD Authentication for RHEL VMs

Responses

Quick Links

Help

Site Info

Related Sites

Red Hat legal and privacy links

Red Hat legal and privacy links