2 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
3 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
7 default_realm = DEBIAN.ORG
9 # The following krb5.conf variables are only for MIT Kerberos.
10 krb4_config = /etc/krb.conf
11 krb4_realms = /etc/krb.realms
17 # The following encryption type specification will be used by MIT Kerberos
18 # if uncommented. In general, the defaults in the MIT Kerberos code are
19 # correct and overriding these specifications only serves to disable new
20 # encryption types as they are added, creating interoperability problems.
22 # Thie only time when you might need to uncomment these lines and change
23 # the enctypes is if you have local software that will break on ticket
24 # caches containing ticket encryption types it doesn't know about (such as
25 # old versions of Sun Java).
27 # default_tgs_enctypes = des3-hmac-sha1
28 # default_tkt_enctypes = des3-hmac-sha1
29 # permitted_enctypes = des3-hmac-sha1
31 # The following libdefaults parameters are only for Heimdal Kerberos.
32 v4_instance_resolve = false
39 something = something-else
42 fcc-mit-ticketflags = true
46 kdc = 82.195.75.92 # byrd
47 kdc = [2001:41b8:202:deb:216:36ff:fe40:3908] # byrd
48 kdc = 206.12.19.119 # schuetz
49 kdc = [2607:f8f0:610:4000:216:36ff:fe40:380a] # schuetz
50 master_kdc = 82.195.75.92 # byrd
51 master_kdc = [2001:41b8:202:deb:216:36ff:fe40:3908] # byrd
52 admin_server = 82.195.75.92 # byrd
53 admin_server = [2001:41b8:202:deb:216:36ff:fe40:3908] # byrd
57 .debian.org = DEBIAN.ORG
61 krb4_get_tickets = false
63 <% if fqdn == "byrd.debian.org" -%>
65 policies = builtin:minimum-length external-check
67 external_program = /etc/heimdal-kdc/heimdal-password-quality-check