1[libdefaults]
2	default_realm = TEST.H5L.SE TEST2.H5L.SE
3	no-addresses = TRUE
4	dns_lookup_realm = no
5	name_canon_rules = as-is:realm=TEST.H5L.SE
6	name_canon_rules = as-is:realm=TEST2.H5L.SE
7	name_canon_rules = as-is:realm=TEST3.H5L.SE
8	name_canon_rules = nss
9
10[appdefaults]
11	pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
12	reconnect-min = 2s
13	reconnect-backoff = 2s
14	reconnect-max = 10s
15
16[realms]
17	TEST.H5L.SE = {
18		kdc = localhost:@port@
19		admin_server = localhost:@admport@
20		kpasswd_server = localhost:@pwport@
21	}
22	TEST2.H5L.SE = {
23		kdc = localhost:@port@
24		kpasswd_server = localhost:@pwport@
25	}
26	TEST3.H5L.SE = {
27		kdc = localhost:@port@
28	}
29
30[domain_realm]
31	.test1.h5l.se = TEST.H5L.SE
32	.test2.h5l.se = TEST2.H5L.SE
33	.test3.h5l.se = TEST3.H5L.SE
34	localhost = TEST.H5L.SE
35
36
37[kdc]
38	enable-digest = true
39	allow-anonymous = true
40	digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
41        strict-nametypes = true
42
43	enable-http = true
44
45	enable-pkinit = true
46	pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
47	pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
48	pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
49#	pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
50	pkinit_mappings_file = @srcdir@/pki-mapping
51	pkinit_allow_proxy_certificate = true
52
53	database = {
54		label = {
55			dbname = @objdir@/current-db@kdc@
56			realm = TEST.H5L.SE
57			mkey_file = @objdir@/mkey.file
58			acl_file = @srcdir@/heimdal.acl
59			log_file = @objdir@/current@kdc@.log
60		}
61		label2 = {
62			dbname = @objdir@/current-db@kdc@
63			realm = TEST2.H5L.SE
64			mkey_file = @objdir@/mkey.file
65			acl_file = @srcdir@/heimdal.acl
66			log_file = @objdir@/current@kdc@.log
67		}
68	}
69
70	signal_socket = @objdir@/signal
71	iprop-stats = @objdir@/iprop-stats
72	iprop-acl = @srcdir@/iprop-acl
73
74[hdb]
75	db-dir = @objdir@
76
77[logging]
78	kdc = 0-/FILE:@objdir@/messages.log
79	default = 0-/FILE:@objdir@/messages.log
80
81[kadmin]
82	save-password = true
83	@dk@
84
85[capaths]
86	TEST.H5L.SE = {
87		TEST3.H5L.SE = .
88		TEST2.H5L.SE = .
89	}
90	TEST2.H5L.SE = {
91		TEST.H5L.SE = .
92		TEST3.H5L.SE = .
93	}
94	TEST3.H5L.SE = {
95		TEST.H5L.SE = .
96		TEST2.H5L.SE = .
97	}
98