Kerberos Server Version 3.12 Administrator's Guide
Propagating the Kerberos Server
The kpropd.ini File
Chapter 9252
Sections
The kpropd.ini file stores configuration parameters required for
propagation. This file contains the following sections:
•The [default_values] section controls the various global
propagation properties. The listed values apply to all security servers
unless you override the defaults by specifying different values in the
[secsrv_name] section for a given security server.
•The [secsrv_name] section lists each security server in accordance
with your propagation hierarchy. The listed values apply only to the
specified server, where secsrv_name is the fully qualified domain
name (FQDN) of the security server. You must configure the
[secsrv_name] section for each security server in your realm in order
to identify its parent-child relationships in the propagation hierarchy
and override one or more default values for a given server. This is an
optional parameter.
Following is a brief description of the kpropd.ini file sections:
The [default_values] Section
You cannot override the interval, service_name, or primary_realm
values that you set in the [default_values] section. In other words, the
values you set for these parameters in the [default_values] section
override any other value you assign to them in the subsequent
[secsrv_name] sections.
Following are the options in the [default_values] section:
interval = n [s|m|h|d]
Specifies how often to propagate database changes to
the other security servers, where n indicates the
number of seconds, minutes, hours, or days. The
default value is 15 seconds.
NOTE Intervals less than 15 seconds may generate a lot of
network traffic during peak authentication.
key_exp=n[s|m|h|d]