Sun Microsystems, Inc.
spacerspacer
spacer   www.sun.com docs.sun.com | | |  
spacer
black dot
   
A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
    
 
System Administration Commandskprop(1M)


NAME

 kprop - Kerberos database propagation program

SYNOPSIS

 /usr/lib/kprop [-d] [-f file] [-p port-number] [-r realm] [-s keytab] [host]

DESCRIPTION

 

kprop is a command-line utility used for propagating a Kerberos database from a master KDC to a slave KDC. This command must be run on the master KDC. See the Solaris System Administration Guide, Vol. 6 on how to set up periodic propagation between the master KDC and slave KDCs.

To propagate a Kerberos database, the following conditions must be met:

  • The slave KDCs must have an /etc/krb5/kpropd.acl file that contains the principals for the master KDC and all the slave KDCs.
  • A keytab containing a host principal entry must exist on each slave KDC.
  • The database to be propagated must be dumped to a file using kdb5_util(1M).

OPTIONS

 

-d
Enable debug mode. Default is debug mode disabled.
-f file
File to be sent to the slave KDC. Default is the /var/krb5/slave_datatrans file.
-p port-number
Propagate port-number. Default is port 754.
-r realm
Realm where propagation will occur. Default realm is the local realm.
-s keytab
Location of the keytab. Default location is /etc/krb5/krb5.keytab.

OPERANDS

 

The following operands are supported:

host
Name of the slave KDC.

EXAMPLES

 Example 1. Propagating the Kerberos Database
 

The following example propagates the Kerberos database from the /tmp/slave_data file to the slave KDC london. The machine london must have a host principal keytab entry and the kpropd.acl file must contain an entry for the all the KDCs.
 
# kprop -f /tmp/slave_data london

FILES

 
/etc/krb5/kpropd.acl
List of principals of all the KDCs; resides on each slave KDC.
/etc/krb5/krb5.keytab
Keytab for Kerberos clients.
/var/krb5/slave_datatrans
Kerberos database propagated to the KDC slaves.

ATTRIBUTES

 

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
AvailabilitySUNWkdcu

SEE ALSO

 

kpasswd(1), gkadmin(1M), kadmind(1M), kadmin.local(1M), kdb5_util(1M), kadm5.acl(4), kdc.conf(4), attributes(5), SEAM(5)

Solaris System Administration Guide, Security Services


SunOS 5.9Go To TopLast Changed 17 Aug 2001

 
      
      
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.