Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Propagation
Setting Up Propagation
Chapter 7226
# mkpropcf
This creates the kpropd.ini file, which defines your propagation
hierarchy.
NOTE If you do not want to use the default hierarchy structure (a two-tier
system) you must edit the kpropd.ini file to contain your preferred
hierarchy. Refer to “kpropd.ini” on page 217, for more details on this
file.
4. Copy the kpropd.ini file to the secondary server.
5. If you have configured a multi-tiered hierarchy; that is, you have
secondary servers that act as propagation parent servers, copy the
primary server’s configuration file to each secondary server.
Step 2. On the Primary Server, add the admin principal and extract the service
key
1. Add the admin principal on the primary server, using the following
command:
# /opt/krb5/admin/kadminl -R <admin/principal name>
<passwd>
2. Extract the propagation principal on the primary server, using the
command given below. By default, host/fqdn@REALM is added.
# /opt/krb5/admin/kadminl -R ext <service principal
name>
Step 3. Kill all the running daemons on the primary server and start the kdcd
and kadmind daemons
1. Kill the daemons on the primary server, using the following
command:
# /sbin/init.d/krbsrv stop
2. Restart the kdcd and kadmind daemons, using the following
command:
# /sbin/init.d/krbsrv start