This Kerberos configuration file can be used to integrate Linux into Active Directory. This configuration uses DNS SRV records to locate the Kerberos realm and KDCs (AD domain controllers).

krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = true
 dns_lookup_kdc = true

#[realms]
# EXAMPLE.COM = {
#  kdc = host.example.com:88
#  admin_server = host.example.com:749
#  default_domain = example.com
# }

[domain_realm]
 .example.com = EXAMPLE.COM
 example.com = EXAMPLE.COM

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
   validate = true
 }