On 03/21/2015 10:28 PM, HARMAN wrote: > I started xinetd service, and tried propagating database (without starting > kpropd, as I have not configured incremental propagation), and it gave me > an error: > kprop: Connection refused while connecting to server
I couldn't figure out what's wrong here. kpropd ought to be able to run out of inetd or a similar service if you aren't doing incremental propagation. > 2. Do we need to add Kerberos Administration Server (admin_server) for > slave KDC in krb5.conf? OR In other words, can we have more than one > admin_server properties configured in krb5.conf? Not presently. The kadmin client code currently only handles one server hostname. > 3. Can we start Kerberos Administration Server on a slave KDC machine, as > specified in MIT documentation? Yes, but it might not be a good idea--any changes made through a slave's kadmind service will be overwritten by the next propagation. > I tried starting Kerberos Administration Server (kadmind) on my new master > and I got an error: > Error. This appears to be a slave server, found kpropd.acl That error is coming from Red Hat's system scripts, not from kadmind itself. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos