2 default_realm = TEST.H5L.SE TEST2.H5L.SE
4 allow_weak_crypto = @WEAK@
10 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
12 reconnect-backoff = 2s
17 kdc = localhost:@port@
18 admin_server = localhost:@admport@
19 kpasswd_server = localhost:@pwport@
22 kdc = localhost:@port@
25 kdc = localhost:@port@
26 kpasswd_server = localhost:@pwport@
29 kdc = localhost:@port@
32 kdc = localhost:@port@
35 kdc = localhost:@port@
38 kdc = localhost:@port@
41 kdc = localhost:@port@
44 kdc = localhost:@port@
47 kdc = localhost:@port@
50 kdc = http/localhost:@port@
53 kdc = localhost:@port@
56 kdc = localhost:@port@
59 kdc = localhost:@port@
62 kdc = localhost:@port@
66 .test.h5l.se = TEST.H5L.SE
67 .sub.test.h5l.se = SUB.TEST.H5L.SE
68 .h1.test.h5l.se = H1.TEST.H5L.SE
69 .h2.test.h5l.se = H2.TEST.H5L.SE
70 .h3.h2.test.h5l.se = H3.H2.TEST.H5L.SE
71 .h4.h2.test.h5l.se = H4.H2.TEST.H5L.SE
72 .example.com = TEST2.H5L.SE
73 localhost = TEST.H5L.SE
74 .localdomain = TEST.H5L.SE
75 localdomain = TEST.H5L.SE
76 .localdomain6 = TEST.H5L.SE
77 localdomain6 = TEST.H5L.SE
82 allow-anonymous = true
83 digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
84 strict-nametypes = true
88 synthetic_clients = true
90 enable_gss_preauth = true
91 gss_mechanisms_allowed = sanon-x25519
94 pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
95 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
96 pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
97 # pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
98 pkinit_mappings_file = @srcdir@/pki-mapping
99 pkinit_allow_proxy_certificate = true
103 dbname = @db_type@:@objdir@/current-db@kdc@
105 mkey_file = @objdir@/mkey.file
106 acl_file = @srcdir@/heimdal.acl
107 log_file = @objdir@/current@kdc@.log
110 dbname = @db_type@:@objdir@/current-db@kdc@
112 mkey_file = @objdir@/mkey.file
113 acl_file = @srcdir@/heimdal.acl
114 log_file = @objdir@/current@kdc@.log
117 dbname = sqlite:@objdir@/current-db@kdc@.sqlite3
118 realm = SOME-REALM5.FR
119 mkey_file = @objdir@/mkey.file
120 acl_file = @srcdir@/heimdal.acl
121 log_file = @objdir@/current@kdc@.log
125 signal_socket = @objdir@/@signalsocket@
126 iprop-stats = @objdir@/@ipropstats@
127 iprop-acl = @srcdir@/iprop-acl
132 enable_virtual_hostbased_princs = true
133 virtual_hostbased_princ_mindots = 1
134 virtual_hostbased_princ_maxdots = 3
137 kdc = 0-/FILE:@objdir@/@messages@.log
138 krb5 = 0-/FILE:@objdir@/@messages@.log
139 default = 0-/FILE:@objdir@/@messages@.log
141 # If you are doing preformance measurements on OSX you want to change
142 # the kdc LOG line from = to - below to keep the FILE open and avoid
143 # open/write/close which is blocking (rdar:// ) on OSX.
144 # kdc = 0-/FILE=@objdir@/@messages@.log
148 default_key_rules = {
149 */des3-only@* = des3-cbc-sha1:pw-salt
150 */aes-only@* = aes256-cts-hmac-sha1-96:pw-salt
158 TEST3.H5L.SE = TEST2.H5L.SE
159 TEST4.H5L.SE = TEST2.H5L.SE
160 TEST4.H5L.SE = TEST3.H5L.SE
161 SOME-REALM6.US = SOME-REALM5.FR
162 SOME-REALM7.UK = SOME-REALM6.US
163 SOME-REALM7.UK = SOME-REALM5.FR
164 SOME-REALM8.UK = SOME-REALM6.US
166 H4.H2.TEST.H5L.SE = {
167 H1.TEST.H5L.SE = H3.H2.TEST.H5L.SE
168 H1.TEST.H5L.SE = H2.TEST.H5L.SE
169 H1.TEST.H5L.SE = TEST.H5L.SE
171 TEST.H5L.SE = H3.H2.TEST.H5L.SE
172 TEST.H5L.SE = H2.TEST.H5L.SE
174 H2.TEST.H5L.SE = H3.H2.TEST.H5L.SE