Propagating the Kerberos Server
The kpropd.ini File
primary_realm=DEFAULT_REALM
Specifies the default realm of the primary security server.
If the krb.conf file does not exist, the DEFAULT REALM is assigned the uppercase equivalent of the domain name.
realms=[allrealm1[, realm2][,...]]
Specifies the realms whose records are propagated to the secondary security servers. The default value, all, propagates principal records from all realms to all security servers.
service_name=service_principal_name
Specifies the name of the service principal with access to the propagation system on the local security server, where service_principal_name is the name of the service principal. The default value is host/fqdn@REALM, where fqdn is the FQDN of the host, and REALM is the realm name of the host.
The [secsrv_name] SectionThe secsrv_name section is the FQDN of the security server specific to this section.
Following are the options in the [secsrv_name] section:
| parent=fqdn | Specifies the parent security server of the secsvr_name |
|
| in the propagation hierarchy, where fqdn is the FQDN |
|
| of the parent server. Every security server except the |
|
| primary security server must have only one parent |
|
| server. The primary security server has no parent |
|
| server. |
|
|
|
NOTE | You cannot override the interval, service_name, or | |
|
| primary_realm values that you set in the |
|
| [default_values] section. |
|
|
|
254 | Chapter 9 |