Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎


     kprop - Kerberos database propagation program

     /usr/lib/krb5/kprop [-d] [-f file] [-p port-number]
         [-r realm] [-s keytab] [host]

     kprop is a command-line utility used for propagating a  Ker-
     beros  database  from a master KDC to a slave KDC. This com-
     mand must be run on the master KDC. See the  Solaris  System
     Administration  Guide, Vol. 6 on how to set up periodic pro-
     pagation between the master KDC and slave KDCs.

     To propagate a Kerberos database, the  following  conditions
     must be met:

         o    The slave KDCs must  have  an  /etc/krb5/kpropd.acl
              file  that  contains  the principals for the master
              KDC and all the slave KDCs.

         o    A keytab containing a  host  principal  entry  must
              exist on each slave KDC.

         o    The database to be propagated must be dumped  to  a
              file using kdb5_util(1M).

     The following options are supported:


         Enable debug mode. Default is debug mode disabled.

     -f file

         File to be  sent  to  the  slave  KDC.  Default  is  the
         /var/krb5/slave_datatrans file.

     -p port-number

         Propagate port-number. Default is port 754.

     -r realm

         Realm where propagation will occur. Default realm is the
         local realm.

     -s keytab

         Location   of   the   keytab.   Default   location    is

     The following operands are supported:


         Name of the slave KDC.

     Example 1 Propagating the Kerberos Database

     The following example propagates the Kerberos database  from
     the  /tmp/slave_data  file  to  the  slave  KDC  london. The
     machine london must have a host principal keytab  entry  and
     the  kpropd.acl  file  must contain an entry for the all the

       # kprop -f /tmp/slave_data london


         List of principals of all  the  KDCs;  resides  on  each
         slave KDC.


         Keytab for Kerberos clients.


         Kerberos database propagated to the KDC slaves.

     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWkdcu                    |

     kpasswd(1), svcs(1),  gkadmin(1M),  inetadm(1M),  inetd(1M),
     kadmind(1M),  kadmin.local(1M),  kdb5_util(1M),  svcadm(1M),
     kadm5.acl(4), kdc.conf(4), attributes(5), kerberos(5)

Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.