Multiple KDCs with OpenLDAP

Oliver Loch grimeton at gmx.net
Thu May 24 06:46:16 EDT 2012


Hello,

I'm playing with OpenLDAP and MIT Kerberos, storing the Kerberos database in the DIT, and one question came up that I can't find an answer for:

Do I need to use the kprop tool if I want to run more than one KDC for the same realm or can both KDCs just access the same database inside the DIT of OpenLDAP at the same time?

The setup is a multi-master setup, so I have two OpenLDAP masters that allow write access to the DIT at the same time.

The idea is to run two KDCs that each connect to one of the OpenLDAP masters and are using the same database without the need of kprop.

Thanks!

KR,

Oliver



