Filter
Top Products
Configuring the Primary and Secondary Security Server
Configuring the Primary Security Server
Chapter 796
Configuring the Primary Security Server
The following sections describe the initial configuration tasks you need
to perform to get your primary and secondary security server up and
running.
The primary security server requires the following basic configuration
tasks:
1. Execute the krb5_encrypt command to generate the master key.
NOTE If you have opted to configure your Kerberos with LDAP as the
backend, specify the master key, generated by executing the
krb5_encrypt command, in the proxy_user field in the
krb5_ldap.conf file.
2. “Create the Principal Database After Installation” on page 96
3. “Add an Administrative Principal” on page 97
4. “Create the host/<fqdn> Principal and Extracting the Service Key”
on page 98
5. “Start the Kerberos Daemons” on page 99
6. “Define Secondary Security Server Network Locations” on page 100
Create the Principal Database After Installation
If you choose not to create the principal database during installation,
create it before configuring the security server. To create the principal
database, execute the following command:
kdb_create -s
NOTE The kdb_create command uses the 3DES encrypted database by
default.