Mention kpasswrd_server setting for krb5.conf

2010-11-18 08:34:36 -05:00
parent cb712170ff
commit 502360ef2d
1 changed files with 11 additions and 1 deletions
--- a/doc/setup.texi
+++ b/doc/setup.texi
@@ -407,7 +407,17 @@ To allow users to change their passwords, you should run @command{kpasswdd}.
 It is not run from @command{inetd}.

 You might need to add @samp{kpasswd} to your @file{/etc/services} as
-@samp{464/udp}.
+@samp{464/udp}.  If your realm is not setup to use DNS, you might also
+need to add a @samp{kpasswd_server} entry to the realm configuration
+in @file{/etc/krb5.conf} on client machines:
+
+@example
+[realms]
+        MY.REALM = @{
+                kdc = my.kdc my.slave.kdc
+                kpasswd_server = my.kdc
+        @}
+@end example

@subsection Password quality assurance