...
Example: kdc.example.com
Example: kdc.example.com:88
...
Example: kadmin.example.com
Example: kadmin.example.com:88
...
Possible values: true, false
Default value: false
ad_create_attributes_template
...
Example: -requires_preauth max_renew_life=7d
krb5-conf
...
manage_krb5_conf
Indicates whether your krb5.conf file should be managed by the wizard or should you manage it yourself
Possible values: true, false
Default value: false
domains
A comma-separated list of domain names used to map server host names to the Realm name (e.g. .example.com,example.com). This is optional.
Example: host.example.com, example.com, .example.com
conf_dir
The krb5.conf configuration directory
Default value: /etc
content
Customizable krb5.conf template (Jinja template engine)
Example: [libdefaults]
renew_lifetime = 7d
forwardable = true
default_realm = {{realm}}
ticket_lifetime = 24h
dns_lookup_realm = false
dns_lookup_kdc = false
#default_tgs_enctypes = {{encryption_types}}
#default_tkt_enctypes = {{encryption_types}}
{% if domains %}
[domain_realm]
{% for domain in domains.split(',') %}
{{domain}} = {{realm}}
{% endfor %}
{% endif %}
[logging]
default = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
kdc = FILE:/var/log/krb5kdc.log
[realms]
{{realm}} = {
admin_server = {{admin_server_host|default(kdc_host, True)}}
kdc = {{kdc_host}}
}
{# Append additional realm declarations below #}
Enabling Kerberos
Enabling Kerberos on the cluster may be done using the Enable Kerberos Wizard within the Ambari UI or using the REST API.
...