DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

(heimdal.info) Slave Servers

Info Catalog (heimdal.info) Testing clients and servers (heimdal.info) Setting up a realm (heimdal.info) Incremental propagation
 
 Slave servers, Incremental propagation, Testing clients and servers, Setting up a realm
 =======================================================================================
 
 It is desirable to have at least one backup (slave) server in case the
 master server fails. It is possible to have any number of such slave
 servers but more than three usually doesn't buy much more redundancy.
 
 All Kerberos servers for a realm shall have the same database so that
 they present the same service to all the users.  The `hprop' program,
 running on the master, will propagate the database to the slaves,
 running `hpropd' processes.
 
 Every slave needs a database directory, the master key (if it was used
 for the database) and a keytab with the principal `hprop/HOSTNAME'.
 Add the principal with the `ktutil' command and start `propd', as
 follows:
 
      slave# ktutil get -p foo/admin hprop/`hostname`
      slave# mkdir /var/heimdal
      slave# hpropd
 
 The master will use the principal `kadmin/hprop' to authenticate to the
 slaves.  This principal should be added when running `kadmin -l init'
 but if you do not have it in your database for whatever reason, please
 add it with `kadmin -l add'.
 
 Then run `hprop' on the master:
 
      master# hprop slave
 
 This was just an on-hands example to make sure that everything was
 working properly.  Doing it manually is of course the wrong way and to
 automate this you will want to start `hpropd' from `inetd' on the
 slave(s) and regularly run `hprop' on the master to regularly propagate
 the database.  Starting the propagation once an hour from `cron' is
 probably a good idea.
 
Info Catalog (heimdal.info) Testing clients and servers (heimdal.info) Setting up a realm (heimdal.info) Incremental propagation
automatically generated byinfo2html