System Administration Guide: Security Services

Kerberos Files

Table 27–1 Kerberos Files

File Name 



Default values for creating new principals in the SEAM Administration Tool


List of principals that grant access to a Kerberos account


Kerberos access control list file, which includes principal names of KDC administrators and their Kerberos administration privileges


Keytab file for the kadmin service on the master KDC


KDC configuration file


Kerberos database propagation configuration file


Kerberos realm configuration file


Keytab file for network application servers


Kerberos ticket expiration warning and automatic renewal configuration file


PAM configuration file


Default credentials cache, where uid is the decimal UID of the user


Temporary credentials cache for the lifetime of the password changing operation, where xxxxxx is a random string


KDC stash file, which contains a copy of the KDC master key


Log file for kadmind


Log file for the KDC


Kerberos principal database


Kerberos administrative database, which contains policy information


Kerberos administrative database lock file


Kerberos principal database initialization file that is created when the Kerberos database is initialized successfully


Kerberos update log, which contains updates for incremental propagation


Backup file of the KDC that the kprop_script script uses for propagation


Temporary dump file that is created when full updates are made to the specified slave