Propagation

kpropd.ini

NOTE

Intervals less than 15s could generate too much

 

network traffic during peak authentication times.

 

 

key_exp=n[smhd] Specifies the length of time a session key is valid, where n, indicates the number of seconds, minutes, hours, or days.

The default is value six hours (6h). The default unit is hours.

max_cache=n[KM] Specifies the maximum size that each security server’s cache file (prop_hostname) can reach before it is deleted, where n, indicates the number of bytes, kilobytes, or megabytes. A deleted cache file instigates a full database propagation when the connection is re-established.

The default value is 1024K. The default unit is bytes.

max_retry_delay=n[smhd] When kpropd attempts to establish a connection with a secondary server and the attempt fails, kpropd waits for a period of time called the retry delay, initially set for one minute. With each subsequent time out, the retry delay doubles. The max_retry_delay then, is the maximum interval between retries that kpropd should wait before it terminates its attempt to establish a connection with a secondary server and log the failure to the system log.

net_timeout=n[smhd] Specifies the length of time the propagation system waits for a response from any security server before terminating the connection, where n, indicates the number of seconds, minutes, hours, or days. When a timeout occurs, all propagating records are cached into the prop_hostname file associated with the target server; when a connection to the server is re-established, records in the cache file are then propagated.

The default value is 30 seconds (30s). The default unit is seconds.

Chapter 7

219

Page 219
Image 219
HP UX Kerberos Data Security Software manual