[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = FOOBAR.COM dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h renew_lifetime = 7d rdns = false forwardable = yes [realms] FOOBAR.COM = { # Define the server only if DNS lookups are not working # kdc = kerberos.example.com # admin_server = kerberos.example.com } [domain_realm] .foobar.com = FOOBAR.COM foobar.com = FOOBAR.COM