;
; /etc/krb5.conf -- VRud: from lxplus202 !
; This file is maintained via ncm-krb5clt(1), local changes may be lost.
; If you need to add your realm, look at the "template" file
; in /usr/lib/ncm/config/krb5clt/etc_krb5.conf.tpl
; or get in touch with project-elfms@cern.ch

[libdefaults]
 default_realm = CERN.CH
 ticket_lifetime = 25h
 renew_lifetime = 120h
 forwardable = true
 proxiable = true

[realms]
 CERN.CH = {
  default_domain = cern.ch
  kpasswd_server = afskrb5m.cern.ch
  admin_server = afskrb5m.cern.ch
  kdc = afsdb2.cern.ch
  kdc = afsdb3.cern.ch
  kdc = afsdb1.cern.ch

  v4_name_convert = {
     host = {
         rcmd = host
     }
  }
 }
; the external institutes info is completely static for now and comes
; straight from the NCM template
 FNAL.GOV = {
  default_domain = fnal.gov
  admin_server = krb-fnal-admin.fnal.gov
  kdc = krb-fnal-1.fnal.gov:88
  kdc = krb-fnal-2.fnal.gov:88
  kdc = krb-fnal-3.fnal.gov:88
 }
 KFKI.HU = {
  kdc = kerberos.kfki.hu
  admin_server = kerberos.kfki.hu
 }
[domain_realm]
 .cern.ch = CERN.CH
 .fnal.gov = FNAL.GOV
 .kfki.hu = KFKI.HU
[appdefaults]
; options for Red Hat pam_krb5-2
 pam = {
   external = true
   minimum_uid = 100
 }