Use the following procedure to create a Kerberos realm, set the KDC(s), and select strong or weak encryption types. Descriptions of each property are located in Kerberos Service Properties and Kerberos Properties and Logs.
Before You Begin
Ensure that you have configured the NTP service.
hostname:configuration services kerberos> show Properties: <status> = disabled allow_weak_crypto = false
The default does not support weak encryption types.
For familiarity, the realm name can be the same as your DNS domain name, except that the realm name is in uppercase.
hostname:configuration services kerberos> create TEST.NET hostname:configuration services kerberos TEST.NET (uncommitted)> commit
hostname:configuration services kerberos> list REALM KDC TEST.NET
hostname:configuration services kerberos> select TEST.NET hostname:configuration services kerberos TEST.NET>
If your Kerberos configuration includes DNS support for KDC lookup, do not perform this step.
hostname:configuration services kerberos TEST.NET> set kdcs=kdc1.us.oracle.com,kdc2.us.oracle.com kdcs = kdc1.us.oracle.com,kdc2.us.oracle.com (uncommitted) hostname:configuration services kerberos TEST.NET> commit
Choose one of the following options: