Basic Krb5 Conf Editor
In Niagara, an added editor view is available under the Tools menu, Basic Krb5 Conf Editor. It configures certain properties of an existing Kerberos configuration file (krb5.conf).
Properties
Kerberos authentication requires the ability to acquire Kerberos tickets that can be forwarded. The editor allows you to enable and disable the Forwardable property.
To access this view, click .
| Property | Value | Description |
|---|---|---|
| Forwardable | true (default), false | Enables and disables forwarding of Kerberos tickets. |
| Kdc Timeouts | 30 (default) | Required for redundant server support, specifies the length of time the station attempts to connect to the key distribution center before failing the connection attempt. |
| Kdc Max Retries | 3 (default) | Required for redundant server support, specifies the maximum number of times the station attempts to connect to one key distribution center before to the next one. |
Note: Values entered for the Kdc Timeouts and Kdc Max Retries properties should be tailored
to your specific scenario based on how long successful kdc connections
generally take and when to configure the the cut-off time after which
the connection is considered to have failed. As with the connection
timeout above, this time needs to be not too short to cause false
connection failures, but not so long as to cause excessive delays
when a server is down.