Propagation
Setting Up Propagation
| Setting Up Propagation |
| Once your primary and secondary servers are installed and configured, |
| you must propagate principal database information from the primary |
| server to all secondary servers. |
| Before you can configure propagation, each secondary server must have |
| an existing principal database to act as a container for the information |
| being propagated to the server. The principal database is created during |
| installation. |
| Each security server must also have a stashed master key. If you created |
| the database during installation, the key is automatically stashed in the |
| /opt/krb5/.k5.REALM file. If you created the database after installation |
| using kdb_create, verify that you stashed the key using either the |
| kdb_create |
| To aid in propagation configuration, the mkpropcf tool has been provided |
| that reads the Kerberos configuration file, krb.conf, and constructs the |
| required propagation settings. |
| The primary security server component contains three daemons. These |
| daemons need to be started and stopped at various times throughout |
| propagation. |
| During initial propagation of the principal database to all secondary |
NOTE | |
| servers, the |
| once initial propagation has been completed, the |
| irrelevant. |
|
|
224 | Chapter 7 |