Kerberos policy replication

Martin Hovmöller martin.hovmoller at nordnet.se
Mon Sep 10 11:36:56 EDT 2007


Hi,

My kerberos policies are not replicated along with the kerberos database
from the master to the slave KDC.
If I add a policy on the slave however, it is removed on the next
replication.

Why is it behaving like this, and how can I fix it?
The only clue I can find is in /var/kerberos/krb5kdc/from_master on the
slave. The last two lines are:
policy  default 0       7776000 6       2       10      4
policy  noexpiry        0       0       1       1       1       5

default and noexpiry are the policies I've set up on the master, so it
does indeed look like they are sent to the slave, but not inserted into
the database somehow.

--
Martin Hovmöller



More information about the Kerberos mailing list