<P>Hi all,
<P>Thanks for your responses! I was finally able to set up the slave KDC!! :-) Here's what happened: My master KDC is named "mlau" (machine's hostname), and my slave KDC is named "LynxOS" (machine's hostname). When I tried to propagate the database to the slave KDC, I got this error message in the krb5kdc.log file:
<P>Jul 11 14:14:49 mlau krb5kdc[18](info): AS_REQ (1 etypes {1}) (Master KDC's IP)(88):<BR>CLIENT_NOT_FOUND: <A href="http://us.f202.mail.yahoo.com/ym/Compose?To=host/mlau@SJ.SYMBOL.COM" target=_blank>host/mlau@</A>REALMNAME for <A href="http://us.f202.mail.yahoo.com/ym/Compose?To=host/lynxos@SJ.SYMBOL.COM" target=_blank>host/lynxos@REALMNAME</A>, Client<BR>not found in Kerberos database
<P>I already have the principals host/mlau and host/LynxOS in the database, but I noticed that Kerberos is case-sensitive, so I changed the principal to host/lynxos. Then the propagation worked!
<P>However, now, I want to change the kdc names to "kdcmaster" and "kdcslave." I added these names to the /etc/hosts file, updated krb5.conf file, and I wiped out the database to start all over again (removed principal* files, keytab files, log files, killed the krb5kdc and kadmind processes). I added the principals host/kdcmaster and host/kdcslave, but when I tried to propagate the database, I got the same error message above in the log files. Why is this? Is there something that I've forgotten to update? Why does it keep asking for the principals host/mlau and host/lynxos?
<P>Furthermore, why doesn't the kadm5.acl file get propagated over to the slave KDC?
<P>Again, thank you very much for your time and help.
<P>Regards,
<P>Monica
<P> </P><p><br><hr size=1><b>Do You Yahoo!?</b><br>
New! <a href="http://pa.yahoo.com/*http://rd.yahoo.com/sbcyahoo/consumer/evt=640/*http://sbc.yahoo.com" target="_blank">SBC Yahoo! Dial</a> - 1st Month Free & unlimited access