Propagation

Monitoring Propagation

Step

1.

On a secondary server, stop the daemons and then from the

 

 

/opt/krb5/admin directory, run the kdb_dump utility using the following

 

 

syntax:

 

 

# /opt/krb5/admin/kdb_dump -f /tmp/secondary.db

Step

2.

From the primary server, stop the daemons and then repeat the

 

 

procedure:

 

 

# /opt/krb5/admin/kdb_dump -f /tmp/primary.db

Step

3.

Restart the daemons on both the primary and the secondary.

Step

4.

To compare the files for discrepancies, copy the files to the same location

 

 

and use the diff command:

 

 

diff primary.db secondary.db > diffs_p.db

 

 

The diff command creates a file, diffs_p.db, that lists each principal

 

 

entry on the primary database that does not match an entry on the

 

 

secondary principal database. For more information on the diff

 

 

command, type man diff on your HP-UXcommand prompt.

 

Restarting Propagation Using the Simple Process

 

To restart the Prop daemon, you can follow either a simple process of

 

restarting the daemons, or a more complex process in which you also

 

create a new propagation queue file and perform a full dump. This

 

section describes the simple process.

 

To stop and restart the propagation daemons:

Step

1. On the secondary server(s), kill the kpropd and execute the following

 

command:

 

# /opt/krb5/sbin/kpropd

Step

2. On the primary server, kill the kpropd and execute the following

 

command:

 

# /opt/krb5/sbin/kpropd

234

Chapter 7

Page 234
Image 234
HP UX Kerberos Data Security Software manual Restarting Propagation Using the Simple Process, Step