Filter
Top Products
Configuring the Primary and Secondary Security Server
Configuring the Secondary Security Servers with LDAP
Chapter 7 105
Configuring the Secondary Security Servers
with LDAP
You can now configure the secondary security servers. Assuming that
you are setting up the primary security server so that you can easily
switch the primary security server with one of the secondary security
servers, you must perform each of the steps on the primary security
server as well as on the secondary security server.
All secondary security servers require the following basic configuration
tasks:
• Copying the Kerberos configuration files.
• Creating a stash file using the kdb_stash utility.
Copying the Kerberos Configuration File
Each secondary security server must have a copy of the Kerberos
configuration files (krb.conf)from the primary security server. The
krb.conf file is located at:
/opt/krb5/krb.conf
Following lists the default configuration files required on the secondary
security server:
• krb.conf
• krb.realms
• krb5_ldap.conf
• krb5_schema.conf
• krb5_map.conf
Creating a stash file using the kdb_stash utility
You must create a stash file using the kdb_stash utility. This utility
stores the master key in a stash file that the Kerberos server accesses
when the security server daemons start up. You must specify the same