Creating a Kerberos Configuration File

The Kerberos server/AD server administrator must create a Kerberos configuration file.

Create a Kerberos configuration file:

  1. Create a Kerberos configuration file named krb5.conf.
  2. Place the following code in the krb5.conf file:
    [libdefaults]
                  default_realm = EXAMPLE.COM
                  default_tkt_enctypes = aes256-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
                  default_tgs_enctypes = aes256-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
                  permitted_enctypes   = aes256-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
    
    [realms]
        EXAMPLE.COM  = {
            kdc = dc-server.example.com
            default_domain = example.com
    }
    
    [domain_realm]
        .example.com = EXAMPLE.COM
        example.com = EXAMPLE.COM
    
    Note: example.com is your domain name. Substitute it with your appropriate domain value. EXAMPLE.COM is your realm name. Substitute it with your appropriate realm value. kdc provides the name of a host running a Kerberos Key Distribution Center (KDC) for that realm. Substitute it with your appropriate host name.
  3. Give the krb5.conf file to the Caliber Visualize or Caliber Review administrator.