[3310] in Kerberos
Re: admin_acl.* files
daemon@ATHENA.MIT.EDU (John Hascall)
Fri May 20 12:49:13 1994
To: kerberos@MIT.EDU
Date: 20 May 1994 15:42:42 GMT
From: john@iastate.edu (John Hascall)
Arthur Houle 904-487-8677 <HOULEA@mail.firn.edu> wrote:
} I just shot myself in the foot! I had one implementation of
}kerberos on a Sun operating. But, we needed a durable system with two
}servers. So I made kerberos on a second Sun identical to the first.
Kerberos servers do not "peer-to-peer". One is the
master and the rest are slaves.
}After searching around in the code, I realized that
}/kerberos/admin_acl.get, .add, and .mod are necessary but I can't figure
}out how to re-create them. :( I need help in getting this operational
}again.
They are just text files with lines like:
john.admin@IASTATE.EDU
(our 3 are all hard links to the same file, BTW)
}Also, how does one coordinate the database of names & passwords between two
}kerberos servers that serve the same realm, or is this completely
}automatic?
You use "kprop" (typically via krb_push from cron).
John
--
John Hascall ``An ill-chosen word is the fool's messenger.''
Systems Software Engineer
Project Vincent
Iowa State University Computation Center + Ames, IA 50011 + 515/294-9551
