JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: Security Services     Oracle Solaris 11 Information Library
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Using the Basic Audit Reporting Tool (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Security Attributes in Oracle Solaris (Reference)

Part IV Cryptographic Services

11.  Cryptographic Framework (Overview)

12.  Cryptographic Framework (Tasks)

13.  Key Management Framework

Part V Authentication Services and Secure Communication

14.  Network Services Authentication (Tasks)

15.  Using PAM

16.  Using SASL

17.  Using Secure Shell (Tasks)

18.  Secure Shell (Reference)

Part VI Kerberos Service

19.  Introduction to the Kerberos Service

20.  Planning for the Kerberos Service

21.  Configuring the Kerberos Service (Tasks)

22.  Kerberos Error Messages and Troubleshooting

23.  Administering Kerberos Principals and Policies (Tasks)

24.  Using Kerberos Applications (Tasks)

25.  The Kerberos Service (Reference)

Kerberos Files

Kerberos Commands

Kerberos Daemons

Kerberos Terminology

Kerberos-Specific Terminology

Authentication-Specific Terminology

Types of Tickets

Ticket Lifetimes

Kerberos Principal Names

How the Kerberos Authentication System Works

How the Kerberos Service Interacts With DNS and the nsswitch Service

Gaining Access to a Service Using Kerberos

Obtaining a Credential for the Ticket-Granting Service

Obtaining a Credential for a Server

Obtaining Access to a Specific Service

Using Kerberos Encryption Types

Using the gsscred Table

Notable Differences Between Oracle Solaris Kerberos and MIT Kerberos

Part VII Auditing in Oracle Solaris

26.  Auditing (Overview)

27.  Planning for Auditing

28.  Managing Auditing (Tasks)

29.  Auditing (Reference)



Kerberos Files

This section lists some of the files that are used by the Kerberos service.

Table 25-1 Kerberos Files

File Name
Default values for creating new principals in the SEAM Tool
List of principals that grant access to a Kerberos account
Kerberos access control list file, which includes principal names of KDC administrators and their Kerberos administration privileges
Obsolete: This file was removed in the Oracle Solaris 11 release.
KDC configuration file
Kerberos database propagation configuration file
Kerberos realm configuration file
Keytab file for network application servers
Kerberos ticket expiration warning and automatic renewal configuration file
PAM configuration file
Default credentials cache, where uid is the decimal UID of the user
Temporary credentials cache for the lifetime of the password changing operation, where xxxxxx is a random string
KDC stash file, which contains a copy of the KDC master key
Log file for kadmind
Log file for the KDC
Kerberos principal database
Kerberos administrative database, which contains policy information
Kerberos administrative database lock file
Kerberos principal database initialization file that is created when the Kerberos database is initialized successfully
Kerberos update log, which contains updates for incremental propagation
Backup file of the KDC that the kprop_script script uses for propagation
Temporary dump file that is created when full updates are made to the specified slave