|
| Propagating the Kerberos Server |
|
| Monitoring Propagation |
Step | 4. | Remove the Kerberos server software on the secondary security server. |
Step | 5. | Install the Kerberos server software on the previous secondary security |
|
| server. Do not create the database during installation. |
Step | 6. | Restore the principal.* database files archived in step 3. |
Step | 7. | Restore the original files retrieved from the primary security server in |
|
| step 2. These are the same files that were created during installation in |
|
| step 5. Therefore, you will be overwriting them when you restore the |
|
| original files. |
Step | 8. | Reboot the system, and restart the kdcd, kadmind, and kpropd daemons. |
HP recommends that you restart the services occasionally. It is sufficient to restart the services once a month, unless you have noted problems and want to restart more frequent.
To start a service, run the following commands as a root user:
# /sbin/init.d/krbsrv start
# /opt/krb5/sbin/kpropd
Cleaning the Temp DirectoryRemove files beginning with krb5_ that are older than a week. If you allow the tmp partition to reach 100 percent utilization, the system is unable to write cache files, and the services begin to fail. In addition, check the /var/tmp directory for adequate space.
If the number of files beginning with rc_ are increasing, stop the servers, either by executing the /sbin/init.d/krbsrv stop command as a root user or removing files beginning with rc_. Restart the servers using the following commands:
/sbin/init.d/krbsrv start /opt/krb5/sbin/kpropd
You can execute all these commands with shell scripts or cron jobs.
Chapter 9 | 271 |