2007-08-29 17:07:05 -05:00
|
|
|
#kerberos base object
|
|
|
|
|
dn: cn=kerberos,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: krbContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: kerberos
|
|
|
|
|
|
2011-06-08 16:21:23 -05:00
|
|
|
#Realm base object
|
|
|
|
|
dn: cn=$REALM,cn=kerberos,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
cn: $REALM
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: krbrealmcontainer
|
|
|
|
|
objectClass: krbticketpolicyaux
|
|
|
|
|
krbSubTrees: $SUFFIX
|
|
|
|
|
krbSearchScope: 2
|
|
|
|
|
krbSupportedEncSaltTypes: aes256-cts:normal
|
|
|
|
|
krbSupportedEncSaltTypes: aes256-cts:special
|
|
|
|
|
krbSupportedEncSaltTypes: aes128-cts:normal
|
|
|
|
|
krbSupportedEncSaltTypes: aes128-cts:special
|
2019-11-01 14:59:42 -05:00
|
|
|
krbSupportedEncSaltTypes: aes128-sha2:normal
|
|
|
|
|
krbSupportedEncSaltTypes: aes128-sha2:special
|
|
|
|
|
krbSupportedEncSaltTypes: aes256-sha2:normal
|
|
|
|
|
krbSupportedEncSaltTypes: aes256-sha2:special
|
2019-07-01 12:33:39 -05:00
|
|
|
${FIPS}krbSupportedEncSaltTypes: camellia128-cts-cmac:normal
|
|
|
|
|
${FIPS}krbSupportedEncSaltTypes: camellia128-cts-cmac:special
|
|
|
|
|
${FIPS}krbSupportedEncSaltTypes: camellia256-cts-cmac:normal
|
|
|
|
|
${FIPS}krbSupportedEncSaltTypes: camellia256-cts-cmac:special
|
2011-06-08 16:21:23 -05:00
|
|
|
krbMaxTicketLife: 86400
|
|
|
|
|
krbMaxRenewableAge: 604800
|
2022-02-25 00:58:24 -06:00
|
|
|
krbDefaultEncSaltTypes: aes256-sha2:special
|
|
|
|
|
krbDefaultEncSaltTypes: aes128-sha2:special
|
2011-06-08 16:21:23 -05:00
|
|
|
krbDefaultEncSaltTypes: aes256-cts:special
|
|
|
|
|
krbDefaultEncSaltTypes: aes128-cts:special
|
|
|
|
|
|
|
|
|
|
# Default password Policy
|
|
|
|
|
dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: krbPwdPolicy
|
2022-06-01 10:17:41 -05:00
|
|
|
objectClass: ipaPwdPolicy
|
2011-06-08 16:21:23 -05:00
|
|
|
krbMinPwdLife: 3600
|
|
|
|
|
krbPwdMinDiffChars: 0
|
|
|
|
|
krbPwdMinLength: 8
|
|
|
|
|
krbPwdHistoryLength: 0
|
|
|
|
|
krbMaxPwdLife: 7776000
|
|
|
|
|
krbPwdMaxFailure: 6
|
|
|
|
|
krbPwdFailureCountInterval: 60
|
|
|
|
|
krbPwdLockoutDuration: 600
|
2022-06-01 10:17:41 -05:00
|
|
|
passwordGraceLimit: -1
|
