Filter
Top Products
Propagating the Kerberos Server
Setting Up Propagation
Chapter 9260
3. From the primary security server /opt/krb5/install directory, run
the following command:
# mkpropcf
This creates the kpropd.ini file, which defines your propagation
hierarchy.
NOTE If you do not want to use the default hierarchy structure (a two-tier
system), you must edit the kpropd.ini file to implement your
preferred hierarchy. For more information on this file, see “The
kpropd.ini File” on page 251.
4. Copy the kpropd.ini file to the secondary security server.
5. If you have configured a multitiered hierarchy, that is, if you have
secondary security servers that act as propagation parent servers,
copy the configuration file of the primary security server to each
secondary security server.
Step 2. On the primary security server, add the admin principal and extract the
service key by using the following command:
# /opt/krb5/admin/kadminl -R <admin/principal name> <passwd>
Step 3. Extract the propagation principal on the primary security server, using
the following command:
# /opt/krb5/admin/kadminl -R ext <service principal name>
By default, host/fqdn@REALM is added.
Step 4. Kill all the running daemons on the secondary security server, and
extract the service key by using the following commands:
# /sbin/init.d/krbsrv stop
# /opt/krb5/bin/kadmin <admin/principal> -R ext <service princ
ipal name>