Propagation

Configuring for Multi-realm Enterprises

Multiple Primary Servers That Support A Single Realm

You must have one Primary Server for each realm if you have decentralized administrative groups where each group maintains its own realm information.

You cannot propagate changes from one Primary Server to another. You can only propagate changes from a Primary Server to a Secondary Server. Therefore, when you have multiple Primary Servers supporting only a single database, you are not required to change your propagation configuration from the single realm scheme.

Adding More Realms to a Multi-realm Database

Before you can begin adding realms to a database, you must have the basic infrastructure completed. This means you must:

Install the Primary Security Server and create the database.

Install each Secondary Server and create their respective databases.

Create the first administrative principal, and assign this principal permissions for all realms.

In the following section, we assume that you have not yet configured propagation before you start adding realms.

To add realms to the database, you can authenticate from a client using the administrative principal account and run the Remote Administrator, kadmin_ui, or you can log on to the Primary Security Server and run the Local Administrator, kadminl_ui.

Once you are running Administrator, add additional realms using the Realms tab. For more information on creating realms, refer to “Realms Tab” on page 163.

Once all realms are added to the database, you must decide on the Secondary Servers that will support the multiple realms.

Database Propagation for Multi-realm Databases

If you plan to support more than one realm in a single principal database on a Primary Security Server and you plan to propagate only selected realms to certain Secondary Security Servers, you must perform additional steps when you configure propagation.

Chapter 7