Solaris 10 10/08 Installation Guide: Network-Based Installations

security_policy Keyword

You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.


security_policy=kerberos {default_realm=FQDN 
                          admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3}

FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.

If you do not want to set the security policy for the system, set security_policy=NONE.

For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.


Example 2–11 Configuring the System to Use Kerberos With the security_policy Keyword

This example configures the system to use Kerberos with the following information.


security_policy=kerberos 
                {default_realm=example.COM 
                 admin_server=krbadmin.example.com 
                 kdc=kdc1.example.com, 
                 kdc2.example.com}