[1550] in Kerberos_V5_Development
Re: kdc.conf [realms] section
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Tue Aug 13 12:03:34 1996
Date: Tue, 13 Aug 1996 12:03:06 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: raeburn@cygnus.com
Cc: krbdev@MIT.EDU
In-Reply-To: <tx1hgq8ov4l.fsf@cygnus.com> (message from Ken Raeburn on 12 Aug
1996 22:50:18 -0400)
One occurs to me right away -- one server acting as slave for one
realm and master KDC/admin server for another.
Hmmm. When would this arrangement actually be used?
* take kadmind offline for each kprop run; dump the database, merge, reload
Perhaps I'm missing something obvious, but I don't see why you would
have to take kadmind offline for this operation. "dump, merge,
reload" is in fact the solution I would recommend for this
arrangement.
We would have to make sure that kadmind would not get confused when
another realm's data appeared in its database, of course. But we did
actually have multiple realms in our OV KDC (granted we didn't use any
but one of them very often) and didn't notice any problems.
Barry
