Kerberos policy replication
Martin Hovmöller
martin.hovmoller at nordnet.se
Mon Sep 10 11:36:56 EDT 2007
Hi,
My kerberos policies are not replicated along with the kerberos database
from the master to the slave KDC.
If I add a policy on the slave however, it is removed on the next
replication.
Why is it behaving like this, and how can I fix it?
The only clue I can find is in /var/kerberos/krb5kdc/from_master on the
slave. The last two lines are:
policy default 0 7776000 6 2 10 4
policy noexpiry 0 0 1 1 1 5
default and noexpiry are the policies I've set up on the master, so it
does indeed look like they are sent to the slave, but not inserted into
the database somehow.
--
Martin Hovmöller
More information about the Kerberos
mailing list