Mac OS X Manual Page For kerberosautoconfig(8)

ADC Home > Reference Library > Reference > Mac OS X > Mac OS X Man Pages

This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

For more information about the manual page format, see the manual page for manpages(5).


kerberosautoconfig(8)     BSD System Manager's Manual    kerberosautoconfig(8)

NAME
     kerberosautoconfig -- Kerberos -- Open Directory Single Sign On

SYNOPSIS
     kerberosautoconfig [-f directory_node] [-o output_dir] [-r realm_name -m master_kdc] [-u] [-k]
                        [-v debug_level]

DESCRIPTION
     The kerberosautoconfig command creates the edu.mit.Kerberos file from information stored in the open
     directory config record named KerberosClient. The existing edu.mit.Kerberos file is only replaced if
     the autogenerated header is present and the generation_id in the KerberosClient config record is
     greater than that within the file. The default location of the output file is /Library/Prefer-ences/edu.mit.Kerberos. /Library/Preferences/edu.mit.Kerberos.
     ences/edu.mit.Kerberos. If the machine is standalone, this command will do nothing (unless the -u
     option is used) Defifintions

     directory_node
              An open directory node path specifier. Such as /LDAPv3/127.0.0.1

     output_dir
              The directory in which kerberosautoconfig deposits the edu.mit.Kerberos file

     realm_name
              Name of the Kerberos realm that will be the default when creating a file from scratch

     master_kdc
              Host name of the master KDC for the default realm when creating a file from scratch

     debug_level
              Specifies the amount of debugging information printed to stdout, default is 1

     Flags:

     -f       Tells kerberosautoconfig to look in the specified open directory node for the KerberosClient
              config record.

     -o       Specifies the directory in which kerberosautoconfig will write the new edu.mit.Kerberos file
              into

     -r       kerberosautoconfig can create an edu.mit.Kerberos file from information passed on the command
              line. Use the -r and -m flags to specify the default realm and master KDC for that realm.

     -m       See above

     -k       Adds the default Kerberos logging directives to the config file (useful when setting up a kdc)

     -u       Forces an update of the file. Will overwrite an existing non-autogenerated edu.mit.Kerberos
              file.  Use with caution.

     -v       Specifies the amount of debugging information printed to stdout, default is 1

FILES
     /Library/Preferences/edu.mit.Kerberos         The main Kerberos config file (also known as krb5.conf on
                                                   other systems)

SEE ALSO
     DirectoryService(1), Kerberos(1), kdcsetup(8), krb5.conf(5)

BUGS
     kerberosautoconfig looks for the KerberosClient config record in each of the open directory nodes on
     the search path. It merges the realm information from any KerberosClient config records it finds, but
     it only checks the generation_id from the first config record found. This means that the file does not
     get updated if the second KerberosClient record found changes.

HISTORY
     kerberosautoconfig first appeared in Mac OS X 10.3

Darwin                           April 2, 2008                          Darwin

Did this document help you?
Yes: Tell us what works for you. It’s good, but: Report typos, inaccuracies, and so forth. It wasn’t helpful: Tell us what would have helped.