sssd_krb5_locator_plugin man page

sssd_krb5_locator_plugin — Kerberos locator plugin


The Kerberos locator plugin sssd_krb5_locator_plugin is used by the Kerberos provider of sssd(8) to tell the Kerberos libraries what Realm and which KDC to use. Typically this is done in krb5.conf(5) which is always read by the Kerberos libraries. To simplify the configuration the Realm and the KDC can be defined in sssd.conf(5) as described in sssd-krb5(5)

sssd(8) puts the Realm and the name or IP address of the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. When sssd_krb5_locator_plugin is called by the kerberos libraries it reads and evaluates these variables and returns them to the libraries.


Not all Kerberos implementations support the use of plugins. If sssd_krb5_locator_plugin is not available on your system you have to edit /etc/krb5.conf to reflect your Kerberos setup.

If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value debug messages will be sent to stderr.

See Also

sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5), sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5)


The SSSD upstream -

Referenced By

idmap_sss(8), pam_sss(8), sss_cache(8), sssctl(8), sssd(8), sssd-ad(5), sssd.conf(5), sss_debuglevel(8), sssd-ifp(5), sssd-ipa(5), sssd-krb5(5), sssd-ldap(5), sssd-simple(5), sssd-sudo(5), sss_groupadd(8), sss_groupdel(8), sss_groupmod(8), sss_groupshow(8), sss_obfuscate(8), sss_override(8), sss_seed(8), sss_ssh_authorizedkeys(1), sss_ssh_knownhostsproxy(1), sss_useradd(8), sss_userdel(8), sss_usermod(8).

01/27/2017 SSSD Manual pages