[36861] in Kerberos


Re: Kerberos master-slave setup : Database propagation, and KDC &

daemon@ATHENA.MIT.EDU (Greg Hudson)
Sat Mar 21 23:03:33 2015

Message-ID: <550E30F4.8010609@mit.edu>
Date: Sat, 21 Mar 2015 23:03:16 -0400
From: Greg Hudson <ghudson@mit.edu>
To: HARMAN <punjabibecks@gmail.com>, Kerberos Mailing List <kerberos@mit.edu>
In-Reply-To: <CADJErsT0Hg5g1LB8+p531tONCU+sXwdCnft5PZMsJ0WZpROMRg@mail.gmail.com>

On 03/21/2015 10:28 PM, HARMAN wrote:
> I started xinetd service, and tried propagating database (without starting
> kpropd, as I have not configured incremental propagation), and it gave me
> an error:
> kprop: Connection refused while connecting to server

I couldn't figure out what's wrong here.  kpropd ought to be able to run
out of inetd or a similar service if you aren't doing incremental
propagation.

> 2. Do we need to add Kerberos Administration Server (admin_server) for
> slave KDC in krb5.conf? Or, in other words, can we have more than one
> admin_server property configured in krb5.conf?

Not presently.  The kadmin client code currently only handles one server
hostname.

> 3. Can we start Kerberos Administration Server on a slave KDC machine, as
> specified in MIT documentation?

Yes, but it might not be a good idea--any changes made through a slave's
kadmind service will be overwritten by the next propagation.

> I tried starting Kerberos Administration Server (kadmind) on my new master
> and I got an error:
> Error. This appears to be a slave server, found kpropd.acl

That error is coming from Red Hat's system scripts, not from kadmind itself.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
