URL: https://role.rhu.redhat.com/rol-rhu/app/courses/rh362ea-9.1/pages/ch01s04
Reporter RHNID: carias@redhat.com
Section: 4 - Guided Exercise: Red Hat Identity Management Infrastructure Topology
Language: en-US (English)
Workaround:

Description: Minor bug Task 3.4, view the /etc/krb5.conf on the client system. The text showing the content of the /etc/krb5.conf in the tutorial shows an already setup idm client joined to the idm server realm. Students running through this lab will have a /etc/krb5.conf file that looks like this:

{{# To opt out of the system crypto-policies configuration of krb5, remove the

1. symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.

includedir /etc/krb5.conf.d/ 
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log 
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt
spake_preauth_groups = edwards25519 dns_canonicalize_hostname = fallback qualify_shortname = ""

1. default_realm = EXAMPLE.COM
   default_ccache_name = KEYRING:persistent:%{uid} 
2. EXAMPLE.COM = {
3. kdc = kerberos.example.com
4. admin_server = kerberos.example.com # } 
5. .example.com = EXAMPLE.COM # example.com = EXAMPLE.COM 
   [logging]
   [libdefaults]
   [realms]
   [domain_realm]}}