Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Configuration
Configuring The Secondary Security Servers
Chapter 590
Create a host/<fqdn> Principal and Extract Its Key
To allow principal database propagation, each Secondary Server must
contain a host/<fqdn> principal. Also, the key for this principal must be
extracted to that server’s service key table file.
Creating a host/<fqdn> principal and extracting its key is performed on
a Secondary Server the same way it is performed on a Primary Server.
Refer to “Create The host/<fqdn> principal And Extract Its Service Key”
on page 82 under the Primary Security Server section for complete
instructions.
You do not need to be logged on as a root user to perform these steps on
a Secondary Server. Instead, you must run kadmin and logon using the
administrative principal name and password when prompted for this
information.
Each KDC needs a host service principal in the Kerberos database. You
can create these from any host, once the kadmind daemon is running.