Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Propagation
kpropd.ini
Chapter 7 221
child[n]=fqdn Specifies secsrv_name’s child security server in the
propagation hierarchy, where fqdn is the fully qualified
domain name of the child server. A security server can
have zero or more child servers.
If more than one child server receives propagated
records from secsrv_name, include a complete child
configuration line for each additional child, where each
child is uniquely numbered with the suffix n, beginning
with child1.
NOTE You cannot override the interval, service_name, or
primary_realm values that you set in the
[default_values] section.
Examples
The sample [default_values] section below lists the default values
mkpropcf might create using information from the krb.conf file on a
primary security server that supports REALM1 as its default realm. The
propagation hierarchy that kpropd creates is derived from the security
servers that support the default realm.
The sample [secsrv_name] sections below illustrates a propagation
hierarchy where secsrv1 is the primary security server and the parent of
one secondary server, secsrv2. In addition, secsrv2 is the parent of the
secsrv3 and secsrv4 secondary servers.
secsrv1 and secsrv2 support two realms - REALM1 and REALM2. secsrv3
only supports REALM1, while secsrv4 only supports REALM2. All servers
have a host/fqdn principal in REALM1. The Kerberos configuration files on
all servers contain the following entries:
REALM1
REALM1 secsrv1.company.com admin server
REALM2 secsrv1.company.com admin server
REALM1 secsrv1.company.com
REALM2 secsrv2.company.com
REALM2 secsrv2.company.com
REALM1 secsrv3.company.com
REALM2 secsrv4.company.com