summaryrefslogtreecommitdiff
path: root/src/man/sssd_krb5_locator_plugin.8.xml
blob: 25a20c88fcd4c2b3f644da24b34a4d5e9eb80ed3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
<reference>
<title>SSSD Manual pages</title>
<refentry>
    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" />

    <refmeta>
        <refentrytitle>sssd_krb5_locator_plugin</refentrytitle>
        <manvolnum>8</manvolnum>
    </refmeta>

    <refnamediv id='name'>
        <refname>sssd_krb5_locator_plugin</refname>
        <refpurpose>Kerberos locator plugin</refpurpose>
    </refnamediv>

    <refsect1 id='description'>
        <title>DESCRIPTION</title>
        <para>
            The Kerberos locator plugin
            <command>sssd_krb5_locator_plugin</command> is used by the Kerberos
            provider of
            <citerefentry>
                <refentrytitle>sssd</refentrytitle>
                <manvolnum>8</manvolnum>
            </citerefentry>
            to tell the Kerberos libraries what Realm and which KDC to use.
            Typically this is done in
            <citerefentry>
                <refentrytitle>krb5.conf</refentrytitle>
                <manvolnum>5</manvolnum>
            </citerefentry>
            which is always read by the Kerberos libraries. To simplify the
            configuration the Realm and the KDC can be defined in
            <citerefentry>
                <refentrytitle>sssd.conf</refentrytitle>
                <manvolnum>5</manvolnum>
            </citerefentry>
            as described in
            <citerefentry>
                <refentrytitle>sssd-krb5</refentrytitle>
                <manvolnum>5</manvolnum>
            </citerefentry>
        </para>
        <para>
            <citerefentry>
                <refentrytitle>sssd</refentrytitle>
                <manvolnum>8</manvolnum>
            </citerefentry>
            puts the Realm and the name or IP address of the KDC into the
            environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively.
            When <command>sssd_krb5_locator_plugin</command> is called by the
            kerberos libraries it reads and evaluates these variables and returns
            them to the libraries.
        </para>
    </refsect1>

    <refsect1 id='notes'>
        <title>NOTES</title>
        <para>
            Not all Kerberos implementations support the use of plugins. If
            <command>sssd_krb5_locator_plugin</command> is not available on
            your system you have to edit /etc/krb5.conf to reflect your
            Kerberos setup.
        </para>
        <para>
            If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any
            value debug messages will be sent to stderr.
        </para>
    </refsect1>

    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />

</refentry>
</reference>