kprop(1M)
NAME
kprop - Kerberos database propagation program
SYNOPSIS
/usr/lib/kprop [-d] [-f file] [-p port-number] [-r realm]
[-s keytab] [host]
DESCRIPTION
kprop is a command-line utility used for propagating a Ker-
beros database from a master KDC to a slave KDC. This com-
mand must be run on the master KDC. See the Solaris System
Administration Guide, Vol. 6 on how to set up periodic pro-
pagation between the master KDC and slave KDCs.
To propagate a Kerberos database, the following conditions
must be met:
o The slave KDCs must have an /etc/krb5/kpropd.acl file
that contains the principals for the master KDC and
all the slave KDCs.
o A keytab containing a host principal entry must exist
on each slave KDC.
o The database to be propagated must be dumped to a file
using kdb5_util(1M).
OPTIONS
The following options are supported:
-d Enable debug mode. Default is debug mode disabled.
-f file
File to be sent to the slave KDC. Default is the
/var/krb5/slave_datatrans file.
-p port-number
Propagate port-number. Default is port 754.
-r realm
Realm where propagation will occur. Default realm is
the local realm.
-s keytab
Location of the keytab. Default location is
/etc/krb5/krb5.keytab.
OPERANDS
The following operands are supported:
host Name of the slave KDC.
EXAMPLES
Example 1: Propagating the Kerberos Database
The following example propagates the Kerberos database from
the /tmp/slave_data file to the slave KDC london. The
machine london must have a host principal keytab entry and
the kpropd.acl file must contain an entry for the all the
KDCs.
# kprop -f /tmp/slave_data london
FILES
/etc/krb5/kpropd.acl
List of principals of all the KDCs; resides on each
slave KDC.
/etc/krb5/krb5.keytab
Keytab for Kerberos clients.
/var/krb5/slave_datatrans
Kerberos database propagated to the KDC slaves.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWkdcu |
|_____________________________|_____________________________|
SEE ALSO
kpasswd(1), gkadmin(1M), kadmind(1M), kadmin.local(1M),
kdb5_util(1M), kadm5.acl(4), kdc.conf(4), attributes(5),
SEAM(5)
System Administration Guide: Security Services
Man(1) output converted with
man2html