infra/roles/kerberos5/templates/kdc.conf.j2

[kdcdefaults]
 kdc_ports = 88
 kdc_tcp_ports = 88

[realms]
 {{ krb5_realm | upper }} = {
  master_key_type = aes256-cts
  kadmind_port = 749
  max_life = 12h 0m 0s
  max_renewable_life = 7d 0h 0m 0s
  acl_file = {{ kdc_var_path }}/kadm5.acl
  dict_file = /usr/share/dict/words
  admin_keytab = {{ kdc_var_path }}/kadm5.keytab
  supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal
 }

[logging]
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmin.log
 default = FILE:/var/log/krb5lib.log