Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

kprop(1m) [x11r4 man page]

kprop(1M)						  System Administration Commands						 kprop(1M)

NAME
kprop - Kerberos database propagation program SYNOPSIS
/usr/lib/krb5/kprop [-d] [-f file] [-p port-number] [-r realm] [-s keytab] [host] DESCRIPTION
kprop is a command-line utility used for propagating a Kerberos database from a master KDC to a slave KDC. This command must be run on the master KDC. See the Solaris System Administration Guide, Vol. 6 on how to set up periodic propagation between the master KDC and slave KDCs. To propagate a Kerberos database, the following conditions must be met: o The slave KDCs must have an /etc/krb5/kpropd.acl file that contains the principals for the master KDC and all the slave KDCs. o A keytab containing a host principal entry must exist on each slave KDC. o The database to be propagated must be dumped to a file using kdb5_util(1M). OPTIONS
The following options are supported: -d Enable debug mode. Default is debug mode disabled. -f file File to be sent to the slave KDC. Default is the /var/krb5/slave_datatrans file. -p port-number Propagate port-number. Default is port 754. -r realm Realm where propagation will occur. Default realm is the local realm. -s keytab Location of the keytab. Default location is /etc/krb5/krb5.keytab. OPERANDS
The following operands are supported: host Name of the slave KDC. EXAMPLES
Example 1: Propagating the Kerberos Database The following example propagates the Kerberos database from the /tmp/slave_data file to the slave KDC london. The machine london must have a host principal keytab entry and the kpropd.acl file must contain an entry for the all the KDCs. # kprop -f /tmp/slave_data london FILES
/etc/krb5/kpropd.acl List of principals of all the KDCs; resides on each slave KDC. /etc/krb5/krb5.keytab Keytab for Kerberos clients. /var/krb5/slave_datatrans Kerberos database propagated to the KDC slaves. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWkdcu | +-----------------------------+-----------------------------+ SEE ALSO
kpasswd(1), svcs(1), gkadmin(1M), inetadm(1M), inetd(1M), kadmind(1M), kadmin.local(1M), kdb5_util(1M), svcadm(1M), kadm5.acl(4), kdc.conf(4), attributes(5), smf(5), SEAM(5) System Administration Guide: Security Services NOTES
The kprop service is managed by the service management facility, smf(5), under the service identifier: svc:/network/security/krb5_prop:default Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). Responsibil- ity for initiating and restarting this service is delegated to inetd(1M). Use inetadm(1M) to make configuration changes and to view config- uration information for this service. The service's status can be queried using the svcs(1) command. SunOS 5.10 4 Nov 2004 kprop(1M)

Check Out this Related Man Page

kprop(1M)						  System Administration Commands						 kprop(1M)

NAME
kprop - Kerberos database propagation program SYNOPSIS
/usr/lib/krb5/kprop [-d] [-f file] [-p port-number] [-r realm] [-s keytab] [host] DESCRIPTION
kprop is a command-line utility used for propagating a Kerberos database from a master KDC to a slave KDC. This command must be run on the master KDC. See the Solaris System Administration Guide, Vol. 6 on how to set up periodic propagation between the master KDC and slave KDCs. To propagate a Kerberos database, the following conditions must be met: o The slave KDCs must have an /etc/krb5/kpropd.acl file that contains the principals for the master KDC and all the slave KDCs. o A keytab containing a host principal entry must exist on each slave KDC. o The database to be propagated must be dumped to a file using kdb5_util(1M). OPTIONS
The following options are supported: -d Enable debug mode. Default is debug mode disabled. -f file File to be sent to the slave KDC. Default is the /var/krb5/slave_datatrans file. -p port-number Propagate port-number. Default is port 754. -r realm Realm where propagation will occur. Default realm is the local realm. -s keytab Location of the keytab. Default location is /etc/krb5/krb5.keytab. OPERANDS
The following operands are supported: host Name of the slave KDC. EXAMPLES
Example 1: Propagating the Kerberos Database The following example propagates the Kerberos database from the /tmp/slave_data file to the slave KDC london. The machine london must have a host principal keytab entry and the kpropd.acl file must contain an entry for the all the KDCs. # kprop -f /tmp/slave_data london FILES
/etc/krb5/kpropd.acl List of principals of all the KDCs; resides on each slave KDC. /etc/krb5/krb5.keytab Keytab for Kerberos clients. /var/krb5/slave_datatrans Kerberos database propagated to the KDC slaves. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWkdcu | +-----------------------------+-----------------------------+ SEE ALSO
kpasswd(1), svcs(1), gkadmin(1M), inetadm(1M), inetd(1M), kadmind(1M), kadmin.local(1M), kdb5_util(1M), svcadm(1M), kadm5.acl(4), kdc.conf(4), attributes(5), smf(5), SEAM(5) System Administration Guide: Security Services NOTES
The kprop service is managed by the service management facility, smf(5), under the service identifier: svc:/network/security/krb5_prop:default Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). Responsibil- ity for initiating and restarting this service is delegated to inetd(1M). Use inetadm(1M) to make configuration changes and to view config- uration information for this service. The service's status can be queried using the svcs(1) command. SunOS 5.10 4 Nov 2004 kprop(1M)
Man Page