Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎

kprop


NAME
     kprop - Kerberos database propagation program

SYNOPSIS
     /usr/lib/krb5/kprop [-d] [-f file] [-p port-number]
         [-r realm] [-s keytab] [host]


DESCRIPTION
     kprop is a command-line utility used for propagating a  Ker-
     beros  database  from a master KDC to a slave KDC. This com-
     mand must be run on the master KDC. See the  Solaris  System
     Administration  Guide, Vol. 6 on how to set up periodic pro-
     pagation between the master KDC and slave KDCs.


     To propagate a Kerberos database, the  following  conditions
     must be met:

         o    The slave KDCs must  have  an  /etc/krb5/kpropd.acl
              file  that  contains  the principals for the master
              KDC and all the slave KDCs.

         o    A keytab containing a  host  principal  entry  must
              exist on each slave KDC.

         o    The database to be propagated must be dumped  to  a
              file using kdb5_util(1M).

OPTIONS
     The following options are supported:

     -d

         Enable debug mode. Default is debug mode disabled.


     -f file

         File to be  sent  to  the  slave  KDC.  Default  is  the
         /var/krb5/slave_datatrans file.


     -p port-number

         Propagate port-number. Default is port 754.


     -r realm

         Realm where propagation will occur. Default realm is the
         local realm.

     -s keytab

         Location   of   the   keytab.   Default   location    is
         /etc/krb5/krb5.keytab.


OPERANDS
     The following operands are supported:

     host

         Name of the slave KDC.


EXAMPLES
     Example 1 Propagating the Kerberos Database


     The following example propagates the Kerberos database  from
     the  /tmp/slave_data  file  to  the  slave  KDC  london. The
     machine london must have a host principal keytab  entry  and
     the  kpropd.acl  file  must contain an entry for the all the
     KDCs.


       # kprop -f /tmp/slave_data london



FILES
     /etc/krb5/kpropd.acl

         List of principals of all  the  KDCs;  resides  on  each
         slave KDC.


     /etc/krb5/krb5.keytab

         Keytab for Kerberos clients.


     /var/krb5/slave_datatrans

         Kerberos database propagated to the KDC slaves.


ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWkdcu                    |
    |_____________________________|_____________________________|


SEE ALSO
     kpasswd(1), svcs(1),  gkadmin(1M),  inetadm(1M),  inetd(1M),
     kadmind(1M),  kadmin.local(1M),  kdb5_util(1M),  svcadm(1M),
     kadm5.acl(4), kdc.conf(4), attributes(5), kerberos(5)










Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.
Comments