Propagating the Kerberos Server
The kpropd.ini File
Specifies the length of time for which a session key is valid, where n indicates the number of seconds, minutes, hours, or days.
The default is value 6 hours.
max_cache=n[KM]
Specifies the maximum size that each cache file of the security server (prop_hostname) can reach before it is deleted, where n indicates the number of bytes, kilobytes, or megabytes. A deleted cache file initiates a full database propagation when the connection is
The default value is 1024 kilobytes.
max_retry_delay=n[smhd]
When kpropd attempts to establish a connection with a secondary security server and the attempt fails, kpropd waits for a period of time called the retry delay, initially set for 1 minute. With each subsequent timeout, the retry delay doubles. The max_retry_delay is the maximum interval between retries that kpropd must wait before it terminates its attempt to establish a connection with a secondary security server and logs the failure to the system log.
net_timeout=n[smhd]
Specifies the length of time the propagation system waits for a response from any security server before terminating the connection, where n indicates the number of seconds, minutes, hours, or days. When a timeout occurs, all propagating records are cached into the prop_hostname file associated with the target server. When a connection to the server is
The default value is 30 seconds.
port=port_name Specifies the communication port over which the database is propagated. The value can be a
Chapter 9 | 253 |