Symantec Access Management

  • 1.  KRB5_CONFIG as env variable for Kerberos setup

    Posted Nov 20, 2018 10:04 AM

    Hi Team,

     

    is it mandate to set up KRB5_CONFIG as Env variable for Kerberos configuration. If not what could be the workaround for this.

     

    Since KRB5_CONFIG is already used by authentication bridging and it can't be used again, as it might mess up our current authentication bridging.

     

    and this is set to /opt/CA/uxauth/uxauth.ini file in unix. 

     

    Please advice.

     

    Joseph Christie



  • 2.  Re: KRB5_CONFIG as env variable for Kerberos setup
    Best Answer

    Broadcom Employee
    Posted Dec 04, 2018 02:15 AM

    Hi Joseph,

     

    Yes, you do need to set the environment variable KRB5_CONFIG in order
    to have kerberos access.

     

    More, according to MIT documentation, you can set several file names
    in this. Please refer to Kerberos documentation.

     

    MIT Kerberos Documentation

     

    KRB5_CONFIG

     

    Specifies the location of the Kerberos configuration file. The default
    is SYSCONFDIR/krb5.conf. Multiple filenames can be specified,
    separated by a colon; all files which are present will be read.

     

    https://web.mit.edu/kerberos/krb5-latest/doc/user/user_config/kerberos.html#kerberos-7

     

    I hope this helps,

     

    Best Regards,
    Patrick