JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Kerberos Files

Kerberos Commands

Kerberos Daemons

Kerberos Terminology

Kerberos-Specific Terminology

Authentication-Specific Terminology

Types of Tickets

Ticket Lifetimes

Kerberos Principal Names

How the Kerberos Authentication System Works

How the Kerberos Service Interacts With DNS and the nsswitch.conf File

Gaining Access to a Service Using Kerberos

Obtaining a Credential for the Ticket-Granting Service

Obtaining a Credential for a Server

Obtaining Access to a Specific Service

Using Kerberos Encryption Types

Using the gsscred Table

Notable Differences Between Oracle Solaris Kerberos and MIT Kerberos

Part VII Oracle Solaris Auditing

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)



Kerberos Files

Table 27-1 Kerberos Files

File Name
Default values for creating new principals in the SEAM Tool
List of principals that grant access to a Kerberos account
Kerberos access control list file, which includes principal names of KDC administrators and their Kerberos administration privileges
Keytab file for the kadmin service on the master KDC
KDC configuration file
Kerberos database propagation configuration file
Kerberos realm configuration file
Keytab file for network application servers
Kerberos ticket expiration warning and automatic renewal configuration file
PAM configuration file
Default credentials cache, where uid is the decimal UID of the user
Temporary credentials cache for the lifetime of the password changing operation, where xxxxxx is a random string
KDC stash file, which contains a copy of the KDC master key
Log file for kadmind
Log file for the KDC
Kerberos principal database
Kerberos administrative database, which contains policy information
Kerberos administrative database lock file
Kerberos principal database initialization file that is created when the Kerberos database is initialized successfully
Kerberos update log, which contains updates for incremental propagation
Backup file of the KDC that the kprop_script script uses for propagation
Temporary dump file that is created when full updates are made to the specified slave