Edit the /etc/krb5.conf file to reflect the following example:

[libdefaults]
default_realm = EXAMPLE.COM
default_tkt_enctypes = DES-CBC-CRC
default_tgs_enctypes = DES-CBC-CRC
ccache_type = 2

[realms]
EXAMPLE.COM = {
	kpasswd_server = ipaserver.example.com
	kdc = ipaserver.example.com:88
	admin_server = ipaserver.example.com:749
	default_domain = example.com
	}

[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM

[appdefaults]
kinit = {
	forwardable = true
	}

The Kerberos configuration includes specifying the realm and domain details, and default ticket attributes. Forwardable tickets are configured by default, which facilitates connection to the administration interface from any operating system, and also provides for auditing of administration operations.