diff options
author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-29 13:30:59 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-29 13:30:59 -0500 |
commit | 80c65755dc02df84c632a9eba82dae8f8daab67f (patch) | |
tree | d9a439d1f7ccc860d427d25da57a0661cc63e2e5 /src/libtdeldap.cpp | |
parent | d9172dad3c94e373c944d6f4e7a06262ed0329a1 (diff) | |
download | libtdeldap-80c65755dc02df84c632a9eba82dae8f8daab67f.tar.gz libtdeldap-80c65755dc02df84c632a9eba82dae8f8daab67f.zip |
Write missing appdefaults section on client machines
Diffstat (limited to 'src/libtdeldap.cpp')
-rw-r--r-- | src/libtdeldap.cpp | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 37cc76b..772596a 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -4825,6 +4825,21 @@ int LDAPManager::writeClientKrb5ConfFile(LDAPClientRealmConfig clientRealmConfig stream << "# All changes will be lost!\n"; stream << "\n"; + // Appdefaults + stream << "[appdefaults]\n"; + if (realmList.begin() != realmList.end()) { + LDAPRealmConfig realmcfg = *realmList.begin(); + TQString ldap_certfile = LDAP_CERT_FILE; + TQString ldap_crlfile = LDAP_CERTREVOC_FILE; + ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); + ldap_crlfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); + + stream << " pkinit_anchors = FILE:" << ldap_certfile << "\n"; + stream << " pkinit_revoke = FILE:" << ldap_crlfile << "\n"; + } + stream << " pkinit_require_crl_checking = true\n"; + stream << "\n"; + // Defaults stream << "[libdefaults]\n"; stream << " ticket_lifetime = " << clientRealmConfig.ticketLifetime << "\n"; |