Installing Slave KDC
Monica Lau
mllau2002 at yahoo.com
Thu Jul 11 17:51:56 EDT 2002
Hi all,
Thanks for your responses! I was finally able to set up the slave KDC!! :-) Here's what happened: My master KDC is named "mlau" (machine's hostname), and my slave KDC is named "LynxOS" (machine's hostname). When I tried to propagate the database to the slave KDC, I got this error message in the krb5kdc.log file:
Jul 11 14:14:49 mlau krb5kdc[18](info): AS_REQ (1 etypes {1}) (Master KDC's IP)(88):
CLIENT_NOT_FOUND: host/mlau at REALMNAME for host/lynxos at REALMNAME, Client
not found in Kerberos database
I already have the principals host/mlau and host/LynxOS in the database, but I noticed that Kerberos is case-sensitive, so I changed the principal to host/lynxos. Then the propagation worked!
However, now, I want to change the kdc names to "kdcmaster" and "kdcslave." I added these names to the /etc/hosts file, updated krb5.conf file, and I wiped out the database to start all over again (removed principal* files, keytab files, log files, killed the krb5kdc and kadmind processes). I added the principals host/kdcmaster and host/kdcslave, but when I tried to propagate the database, I got the same error message above in the log files. Why is this? Is there something that I've forgotten to update? Why does it keep asking for the principals host/mlau and host/lynxos?
Furthermore, why doesn't the kadm5.acl file get propagated over to the slave KDC?
Again, thank you very much for your time and help.
Regards,
Monica
---------------------------------
Do You Yahoo!?
New! SBC Yahoo! Dial - 1st Month Free & unlimited access
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/kerberos/attachments/20020711/96577c92/attachment.htm
More information about the Kerberos
mailing list