Propagation

kpropd.ini

As the krb.conf file cannot describe a propagation hierarchy where secondary servers themselves have secondary servers, you must edit the kpropd.ini file to support such relationships.

[default_values] interval=15s key_exp=6h max_cache=1024K max_retry_delay=1h net_timeout=30s port=kerberos-adm primary_realm=REALM1 realms=all service_name=host [sersrv1]

child = secsrv2 [secsrv2] child1 = secsrv3 child = secsrv4 parent = secsrv1 [secsrv3]

parent = secsrv2, realms = REALM1 [secsrv4]

parent = secsrv2, realms = REALM2

222

Chapter 7

Page 221 Page 223
Page 222
Image 222
HP UX Kerberos Data Security Software manual 222
Page 221 Page 223
Top Page Image Contents