SSSD Manual pages


Table of Contents

sssd_krb5_locator_plugin — Kerberos locator plugin

Name

sssd_krb5_locator_plugin — Kerberos locator plugin

DESCRIPTION

The Kerberos locator plugin sssd_krb5_locator_plugin is used by the Kerberos provider of sssd(8) to tell the Kerberos libraries what Realm and which KDC to use. Typically this is done in krb5.conf(5) which is always read by the Kerberos libraries. To simplify the configuration the Realm and the KDC can be defined in sssd.conf(5) as described in sssd-krb5(5)

sssd(8) puts the Realm and the name or IP address of the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. When sssd_krb5_locator_plugin is called by the kerberos libraries it reads and evaluates these variables and returns them to the libraries.

NOTES

Not all Kerberos implementations support the use of plugins. If sssd_krb5_locator_plugin is not available on your system you have to edit /etc/krb5.conf to reflect your Kerberos setup.

If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value debug messages will be sent to stderr.

If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the caller.

SEE ALSO

sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5), sssd-secrets(5), sssd-session-recording(5), sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5) sssd-systemtap(5)