Basic Krb5 Conf Editor
In
krb5.conf).
Kerberos authentication requires the ability to acquire Kerberos tickets that can be forwarded. The editor allows you to enable
and disable the Forwardable property.
Figure 242. Basic Krb5 Conf Editor view
To access this view, click .
Properties
| Property | Value | Description |
|---|---|---|
| Forwardable | true (default), false |
Enables and disables forwarding of Kerberos tickets. |
| Kdc Timeouts | 30 (default) | Required for redundant server support, specifies the length of time the station attempts to connect to the key distribution center before failing the connection attempt. |
| Kdc Max Retries | 3 (default) | Required for redundant server support, specifies the maximum number of times the station attempts to connect to one key distribution center before to the next one. |
NOTE: Values entered for the
Kdc Timeouts and Kdc Max Retries properties should be tailored to your specific scenario based on how long successful kdc connections generally take and when
to configure the the cut-off time after which the connection is considered to have failed. As with the connection timeout
above, this time needs to be not too short to cause false connection failures, but not so long as to cause excessive delays
when a server is down.