...

Example:  kdc.example.com

Example: kdc.example.com:88

...

Example: kadmin.example.com

Example: kadmin.example.com:88 

...

Possible values: true, false

Default value: false

ad_create_attributes_template

...

Example: -requires_preauth max_renew_life=7d

krb5-conf

...

manage_krb5_conf

Indicates whether your krb5.conf file should be managed by the wizard or should you manage it yourself

Possible values: true, false

Default value: false

domains

A comma-separated list of domain names used to map server host names to the Realm name (e.g. .example.com,example.com). This is optional.

Example: host.example.com, example.com, .example.com

conf_dir

The krb5.conf configuration directory

Default value: /etc

content

Customizable krb5.conf template (Jinja template engine)

Example: [libdefaults]

renew_lifetime = 7d
forwardable = true
default_realm = {{realm}}
ticket_lifetime = 24h
dns_lookup_realm = false
dns_lookup_kdc = false
#default_tgs_enctypes = {{encryption_types}}
#default_tkt_enctypes = {{encryption_types}}

{% if domains %}
[domain_realm]
{% for domain in domains.split(',') %}
{{domain}} = {{realm}}
{% endfor %}
{% endif %}

[logging]
default = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
kdc = FILE:/var/log/krb5kdc.log

[realms]
{{realm}} = {
  admin_server = {{admin_server_host|default(kdc_host, True)}}
  kdc = {{kdc_host}}
}

{# Append additional realm declarations below #}

Enabling Kerberos

Enabling Kerberos on the cluster may be done using the Enable Kerberos Wizard within the Ambari UI or using the REST API.  

...