2.3. Configuring Kerberos

The installation script performs the Kerberos configuration automatically. This includes specifying the realm and domain details, and default ticket attributes. Forwardable tickets are configured by default, which facilitates connection to the administration interface from any operating system, and also provides for auditing of administration operations.

The following is an example of a Kerberos configuration file for Red Hat Enterprise IPA:

[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = true
dns_lookup_kdc = true
forwardable = yes
ticket_lifetime = 24h

[realms]
EXAMPLE.COM = {
	kdc = ipaserver.example.com:88
	admin_server = ipaserver.example.com:749
	default_domain = example.com
}

[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
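
The following added example (not part of the Red Hat documentation or the IPA installation script) parses a file in the format shown above and checks that default_realm and every [domain_realm] mapping point to a realm defined under [realms]; it also reports whether forwardable tickets are the default. The names parse_krb5 and review are assumptions made for this example, and the parser handles only one level of { } nesting.

```python
# Constructed sample input: the krb5.conf from this section, embedded so the check runs offline.
SAMPLE = """\
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = true
dns_lookup_kdc = true
forwardable = yes
ticket_lifetime = 24h
[realms]
EXAMPLE.COM = {
    kdc = ipaserver.example.com:88
    admin_server = ipaserver.example.com:749
    default_domain = example.com
    }
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
"""

def parse_krb5(text):
    """Parse [sections], 'key = value' relations and one level of { } subsections."""
    conf, section, target = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = target = conf.setdefault(line[1:-1], {})
        elif line == "}":                         # subsection ends, back to the section
            target = section
        elif "=" in line and target is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            if value == "{":                      # subsection starts, e.g. a realm block
                target = section.setdefault(key, {})
            else:
                target.setdefault(key, []).append(value)  # relations may repeat (kdc)
    return conf

def review(conf):
    """Return (errors, forwardable): realm consistency errors and the forwardable default."""
    errors, lib, realms = [], conf.get("libdefaults", {}), conf.get("realms", {})
    default = lib.get("default_realm", [None])[0]
    if default not in realms:
        errors.append(f"default_realm {default} has no [realms] entry")
    for domain, mapped in conf.get("domain_realm", {}).items():
        if mapped[0] not in realms:
            errors.append(f"{domain} maps to undefined realm {mapped[0]}")
    forwardable = lib.get("forwardable", ["no"])[0].lower() in {"yes", "true", "on", "1"}
    return errors, forwardable
```

To check a deployed file, pass its contents to parse_krb5 in place of SAMPLE and feed the result to review.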