NOTE
NOTE
NOTE
Configuring the Primary and Secondary Security Server
Configuring the Primary Security Server
The host/<fqdn> principal is not automatically added to the principal database during security server software installation; you must manually add the host/<fqdn> principal using the kadminl_ui or kadminl command.
You must log on as a root user, on the primary security server, to add the host/<fqdn> principal to the database.
HP recommends that you create a host/<fqdn> principal and extract its service key using the ktutil command. To do this, type the following command at the prompt:
# kadminl
The host/<fqdn> is added to the principal database, along with a random key. The random key is added to the service key table. To verify that these operations are successful, use the
Propagation is disabled if you select LDAP as your backend database. Check with your LDAP administrator, for more information about propagation of information on the LDAP Server.
Start the Kerberos DaemonsYou can use the krbsetup tool to start the following Kerberos daemons:
•kdcd
•kadmind
You cannot use the krbsetup tool to start the kpropd daemon. Start the kpropd daemon manually.
Chapter 7 | 99 |