|
Hey Squid Users, Wanted to reach out and see if there was an updated version of the /etc/krb5.conf example file anywhere.
I’ve been using “wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory” as a reference point and I’m concerned that the Squid 3, Windows 2003/2008, and such examples might be out of date.
As of right now, my krb5.conf file looks like this: includedir /etc/krb5.conf.d/ [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] dns_lookup_realm = true ticket_lifetime = 24h renew_lifetime = 7d forwardable = true rdns = true pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt spake_preauth_groups = edwards25519 dns_canonicalize_hostname = true qualify_shortname = "" default_realm = AD.ARC-TECH.COM default_ccache_name = KEYRING:persistent:%{uid} udp_preference_limit = 0 [realms] # EXAMPLE.COM = { # kdc = kerberos.example.com # admin_server = kerberos.example.com # } [domain_realm] # .example.com = EXAMPLE.COM # example.com = EXAMPLE.COM This config file was done automatically when I joined the Linux Proxy Server to Windows AD using realmD. But I couldn’t help but think there’s a few things missing. I’ve been going through our whole Kerberos setup to figure out why Squid
isn’t using it when directed to in the squid.conf file. Any help is always appreciated, Josh |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
