MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


System Administration Commands                          kprop(1M)



NAME
     kprop - Kerberos database propagation program

SYNOPSIS
     /usr/lib/krb5/kprop [-d] [-f file] [-p port-number]
          [-r realm] [-s keytab] [host]


DESCRIPTION
     kprop is a command-line utility used for propagating a  Ker-
     beros  database  from a master KDC to a slave KDC. This com-
     mand must be run on the master KDC. See the  Solaris  System
     Administration  Guide, Vol. 6 on how to set up periodic pro-
     pagation between the master KDC and slave KDCs.


     To propagate a Kerberos database, the  following  conditions
     must be met:

         o    The slave KDCs must  have  an  /etc/krb5/kpropd.acl
              file  that  contains  the principals for the master
              KDC and all the slave KDCs.

         o    A keytab containing a  host  principal  entry  must
              exist on each slave KDC.

         o    The database to be propagated must be dumped  to  a
              file using kdb5util(1M).

OPTIONS
     The following options are supported:

     -d                Enable debug mode. Default is  debug  mode
                       disabled.


     -f file           File to be sent to the slave KDC.  Default
                       is the /var/krb5/slavedatatrans file.


     -p port-number    Propagate  port-number.  Default  is  port
                       754.


     -r realm          Realm  where   propagation   will   occur.
                       Default realm is the local realm.


     -s keytab         Location of the keytab.  Default  location
                       is /etc/krb5/krb5.keytab.





SunOS 5.11          Last change: 14 Nov 2005                    1






System Administration Commands                          kprop(1M)



OPERANDS
     The following operands are supported:

     host    Name of the slave KDC.


EXAMPLES
     Example 1 Propagating the Kerberos Database


     The following example propagates the Kerberos database  from
     the  /tmp/slavedata  file  to  the  slave  KDC  london. The
     machine london must have a host principal keytab  entry  and
     the  kpropd.acl  file  must contain an entry for the all the
     KDCs.


       # kprop -f /tmp/slavedata london



FILES
     /etc/krb5/kpropd.acl         List of principals of  all  the
                                  KDCs;  resides  on  each  slave
                                  KDC.


     /etc/krb5/krb5.keytab        Keytab for Kerberos clients.


     /var/krb5/slavedatatrans    Kerberos database propagated to
                                  the KDC slaves.


ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     Availability                 SUNWkdcu                    
    


SEE ALSO
     kpasswd(1), svcs(1),  gkadmin(1M),  inetadm(1M),  inetd(1M),
     kadmind(1M),  kadmin.local(1M),  kdb5util(1M),  svcadm(1M),
     kadm5.acl(4),   kdc.conf(4),   attributes(5),   kerberos(5),
     smf(5)



SunOS 5.11          Last change: 14 Nov 2005                    2






System Administration Commands                          kprop(1M)























































SunOS 5.11          Last change: 14 Nov 2005                    3
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™