Manualshelf

Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software
221222223224225226227228229230
Propagation
Monitoring Propagation
Chapter 7 229
Monitoring Propagation
It is important to monitor database propagation between servers on a
regular basis. Monitoring helps identify two potential problems:
Primary-secondary link failure
Stalled propagation
Monitoring requires examining the log file and the propagation queue
files.
When propagation problems occur, the copies of the database on the
secondary servers can become out of sync with the database on the
primary server. See “Comparing the Database to its Copies” on page 231,
for more information on detecting and resolving an out-of-sync condition.
Refer to Chapter 9, “Troubleshooting,” on page 259, for more information
to resolve any problem you may encounter.
Monitoring the Log File
The log file can be useful in identifying a failed secure connection
between the primary and secondary server for propagation. Problems
that occur during propagation of data or when establishing a secure link
between servers for propagation are reported to the syslog.
Errors generated by the propagationdaemon, propd, are identified in the
syslog messages by their unique header, $KPROPD. You can create a cron
job to parse the log file at regular intervals and notify the security
administrator or system owner, for example, via paging or e-mail, when a
critical error message is found.
Critical Error Messages
The following error messages indicate critical problems. For information
about resolving the problems, see the “Propagation Failure” on page 235,
section.
Authentication failed: hostname server error: error_name
Can’t find kpropd.ini registry key/file.
[hostname of peer] Can’t establish secure connection for
propagation (errno=error_name); connect delay is seconds sec