kerberos server replication

chechu chechu chechuironman at hotmail.com
Wed Oct 18 16:50:16 EDT 2006


Hi,
I have two servers, both working correctly as KDCs: the master (shogun) and the
slave (shinobi). I use Debian and the domain is IRONMAN.ES. The
replication doesn't work. I followed these steps:

I created the file /etc/krb5kdc/kpropd.acl in the slave with:

host/shogun.ironman.es@IRONMAN.ES
host/shinobi.ironman.es@IRONMAN.ES

On the master server I added the following (kadmin.local):

addprinc -randkey host/shogun.ironman.es

addprinc -randkey host/shinobi.ironman.es

ktadd host/shogun.ironman.es

ktadd host/shinobi.ironman.es

On the server I did:

scp /etc/krb5.keytab shinobi:/etc

and finally I did:

kdb5_util dump /var/Kerberos/krb5kdc/slave_datatrans

I didn't get any error until here, but when I did:

kprop -f /var/Kerberos/krb5kdc/slave_datatrans shinobi.ironman.es > /dev/null

I got this error:

kprop: Connection refused in call to connect while opening connection to
shinobi.ironman.es

The /var/log/kerberos/krb5kdc.log from the master shows:

Oct 18 22:45:39 shogun krb5kdc[6080](info): AS_REQ (7 etypes {18 17 16
23 1 3 2}) 192.168.2.3: ISSUE: authtime 1161204339, etypes {rep=16
tkt=16 ses=16}, host/shogun.ironman.es@IRONMAN.ES for
host/shinobi.ironman.es@IRONMAN.ES

Can anyone help me?

thanks
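
The following is an added example, not part of the original post: offline checks for the setup steps described above. They flag kpropd.acl entries that are not a single name@REALM token, confirm a principal is listed exactly, and list host keys in a keytab that belong to another machine, which is what a keytab copied whole from the master contains. The sample ACL and klist output are constructed, and kpropd_reachable assumes a netcat that supports -z and -w.

```sh
#!/bin/sh
# Added example: offline checks for a kprop/kpropd setup. Host names and realm
# are the ones in the post; the sample file contents below are constructed.

# acl_malformed FILE: print kpropd.acl entries that are not a single
# "name@REALM" token (catches stray spaces or a missing "@").
acl_malformed() {
    awk 'NF && $0 !~ /^[^@ \t]+@[^@ \t]+$/' "$1"
}

# acl_allows FILE PRINCIPAL: succeed only if PRINCIPAL is listed exactly.
acl_allows() {
    grep -Fxq -- "$2" "$1"
}

# keytab_foreign_hosts FQDN: read `klist -k` output on stdin and print host/
# principals that belong to a different machine than FQDN.
keytab_foreign_hosts() {
    awk -v me="host/$1@" '$2 ~ /^host\// && index($2, me) != 1 { print $2 }' | sort -u
}

# kpropd_reachable HOST [PORT]: succeed if a TCP connection is accepted.
# kprop connects to kpropd, by default on TCP port 754 (service krb5_prop).
# Assumes a netcat that supports -z and -w; not called by the demo below.
kpropd_reachable() {
    nc -z -w 3 "$1" "${2:-754}"
}

# Constructed sample data: one good ACL entry and one written without "@".
sample_acl() {
    printf '%s\n' 'host/shogun.ironman.es@IRONMAN.ES' \
                  'host/shinobi.ironman.es at IRONMAN.ES'
}
sample_klist() {
    printf '%s\n' 'Keytab name: FILE:/etc/krb5.keytab' 'KVNO Principal' \
        '---- ----------------------------------------' \
        '   3 host/shogun.ironman.es@IRONMAN.ES' \
        '   3 host/shinobi.ironman.es@IRONMAN.ES'
}

acl=$(mktemp) && sample_acl > "$acl"
echo "malformed ACL entries:"; acl_malformed "$acl"
echo "foreign host keys in shinobi's keytab:"
sample_klist | keytab_foreign_hosts shinobi.ironman.es
rm -f "$acl"
```

On a real slave the inputs would be /etc/krb5kdc/kpropd.acl and the output of klist -k /etc/krb5.keytab.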






