[libdefaults]
	default_realm = YOURDOMAIN.COM
	clockskew = 300

[realms]
	YOURDOMAIN.COM = {
		kdc = yourdc.yourdomain.com
		default_domain = yourdomain.com
		admin_server = yourdc.yourdomain.com
	}
EXAMPLE.COM = {
	kdc = kerberos.example.com
	admin_server = kerberos.example.com
}

[logging]
	kdc = FILE:/var/log/krb5/krb5kdc.log
	admin_server = FILE:/var/log/krb5/kadmind.log
	default = SYSLOG:NOTICE:DAEMON
[domain_realm]
	.yourdomain.com = YOURDOMAIN.COM
[appdefaults]
	pam = {
		ticket_lifetime = 1d
		renew_lifetime = 1d
		forwardable = true
		proxiable = false
		retain_after_close = false
		minimum_uid = 1
		try_first_pass = true
	}