|
|
| Propagation |
|
|
| Monitoring Propagation |
|
| • | admin_acl_file |
|
| • | password.policy |
|
| • | kpropd.ini |
Step | 3. | Make an archive of the principal.* files on the secondary server | |
Step | 4. | Remove the Kerberos Server software on the secondary server | |
Step | 5. | Install the Kerberos Server software on the former secondary server. | |
|
| Do not create the database during installation. | |
Step | 6. | Restore the principal.* database files archived in Step 3 | |
Step | 7. | Restore the original files retrieved from the primary server in Step 2. | |
|
| Note that these same files were created during installation (Step 5), so | |
|
| you will be overwriting them when you restore the original files | |
Step | 8. | Reboot the system, and restart the kdcd, kadmind, and kpropd daemons. | |
Restarting Services
It is a good idea to restart each of the services occasionally. Once a month is adequate, unless you have noted problems and want to restart more frequently. To start a server:
• Run this command as root:
# /sbin/init.d/krbsrv start
# /opt/krb5/sbin/kpropd
Cleaning the Temp Directory
Remove any files beginning with krb5_ that are older than a week. If the tmp partition is allowed to reach hundred percent utilization, the system will no longer be able to write cache files, and the services will begin to fail. Also check the /var/tmp directory for adequate space.
If files beginning with rc_ are growing large, stop the servers, either by executing /sbin/init.d/krbsrv stop as root, remove files beginning with rc_, and then restart the servers by executing
/sbin/init.d/krbsrv start /opt/krb5/sbin/kpropd
Chapter 7 | 237 |