Propagating the Kerberos Server

Monitoring Propagation

Step

3. Restart the daemons on both the primary and secondary security

 

servers.

Step

4. To compare the files for discrepancies, copy the files to a common location

 

and execute the following command at the HP-UX prompt:

 

#

 

diff primary.db secondary.db > diffs_p.db

 

The diff command creates a file, diffs_p.db, which lists each principal

 

entry on the primary database that does not match an entry on the

 

secondary principal database. For more information on the diff

 

command, type man 1 diff at the HP-UX command prompt.

 

Restarting Propagation Using a Simple Process

 

To restart the kpropd, you can follow either a simple process of

 

restarting the daemons, or a more complex process in which you also

 

create a new propagation queue file and perform a full dump.

 

To stop and restart the propagation daemons, complete the following

 

steps:

Step

1. On the secondary security server, kill kpropd and execute the following

 

command at the HP-UX prompt:

 

# /opt/krb5/sbin/kpropd

Step

2. On the primary security server, kill kpropd and execute the following

 

command at the HP-UX prompt:

 

# /opt/krb5/sbin/kpropd

 

 

Restarting Propagation Using the Full Dump Method

 

 

You can also restart propagation by clearing the propagation directory

 

 

and restarting kpropd, which starts a full dump of the database to all

 

 

secondary security servers.

 

 

To initiate a full database dump to all the secondary security servers,

 

 

complete the following steps on the primary security server:

Step

1.

Stop the propagation daemon by running the kill command.

Step

2.

Remove the propagation queue files by running the following command:

268

Chapter 9

Page 268
Image 268
HP UX Kerberos Data Security Software manual Restarting Propagation Using a Simple Process