[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sample kdc.conf

To: Brian May <bam@snoopy.apana.org.au>
Subject: Re: Sample kdc.conf
From: Love <lha@stacken.kth.se>
Date: Fri, 17 Dec 2004 19:40:38 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <20041217083506.GA8565@snoopy.apana.org.au> (Brian May'smessage of "Fri, 17 Dec 2004 19:35:06 +1100")
References: <20041217083506.GA8565@snoopy.apana.org.au>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)

Brian May <bam@snoopy.apana.org.au> writes:

> I also noticed some errors:
>
> * Man page refers to enforce-transited-policy and the source code refers
>   to it, but the return value is not assigned to anything:
>
>         krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
>              "enforce-transited-policy", NULL);
>
> * I have a suspicion enforce-transited-policy has been replaced with
>   transited-policy but transited-policy is not documented.

Yes, this is what happen, I forgot to pull up the manpage from current.

> * man page says default value of check-ticket-addresses is false,
>   but my reading of the source code suggests it is true.

thanks, fixed.

> * database = { ... } doesn't seem to be documented anywhere.

And I think I'll leave it a that since it will change soon. I'll rather
write documentation for something that is usable, [kdc]database={} isn't.

> * Same for logging,

As the kdc.8 hits, its documented in krb5_openlog.

>  key-file

deprecated.

> detach, 

fixed in current.

> default_keys, and use_v4_salt.

See krb5.conf

Love

PGP signature

References:
- Sample kdc.conf
  - From: Brian May <bam@snoopy.apana.org.au>

Prev by Date: Re: Patch to enable account expiration
Next by Date: Re: Unusual clock-skew issue
Prev by thread: Sample kdc.conf
Next by thread: password changing from Windows
Index(es):
- Date
- Thread