Make IPA defaults converge with current AD ones

Julien Rische requested to merge ipadev into master

In order to align the behaviour of the Kerberos configuration for IPAdev with the current AD one, I disabled rDNS resolution.

After running some tests with the 1.3-1 version, I also realised the dns_lookup_realm = true parameter superfluous, since domain to realm fallback mechanism (realm_try_domains = true) was enough.

The dns_lookup_kdc parameter was moved to realm definitions, since the global one is not necessary anymore if dns_lookup_realm is disable. Also this is more in accordance with the modular configuration approach.

The ticket and renewal lifetimes were also update to match AD's ones.

Merge request reports