Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Propagation
Setting Up Propagation
Chapter 7224
Setting Up Propagation
Once your primary and secondary servers are installed and configured,
you must propagate principal database information from the primary
server to all secondary servers.
Before you can configure propagation, each secondary server must have
an existing principal database to act as a container for the information
being propagated to the server. The principal database is created during
installation.
Each security server must also have a stashed master key. If you created
the database during installation, the key is automatically stashed in the
/opt/krb5/.k5.REALM file. If you created the database after installation
using kdb_create, verify that you stashed the key using either the
kdb_create -s or kdb_stash.
To aid in propagation configuration, the mkpropcf tool has been provided
that reads the Kerberos configuration file, krb.conf, and constructs the
required propagation settings.
The primary security server component contains three daemons. These
daemons need to be started and stopped at various times throughout
propagation.
NOTE During initial propagation of the principal database to all secondary
servers, the start-up order of the services/daemons is critical. However,
once initial propagation has been completed, the start-up order is
irrelevant.