[28889] in Kerberos
Moving kerberos infrastructure
daemon@ATHENA.MIT.EDU (Jason L Tibbitts III)
Wed Dec 12 01:07:54 2007
To: kerberos@mit.edu
From: Jason L Tibbitts III <tibbs@math.uh.edu>
Date: 12 Dec 2007 00:07:03 -0600
Message-ID: <ufawsrkigzc.fsf@epithumia.math.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
I know just enough about Kerberos to screw things up badly, and I'm
faced with my krb infrastructure running on hardware that is getting
old enough to start having issues. I have plenty of admin experience
but for some reason I can never manage to wrap my head around all of
the Kerberos intricacies at once.
What I need to do is move both my primary and secondary KDCs to
different machines. Not necessarily both at the same time, mind you,
but everything does need to move eventually. I'm pretty sure I can
move the secondary without totally hosing everything but I'm not at
all sure how to move the primary. Does anyone have any handy pointers
to documentation on doing this, or any tips?
Both servers are running MIT krb5 1.3.6. Nothing special as far as I
know. The clients have the servers listed by DNS alias in krb5.conf;
I'm not using SRV records but at least things aren't listed by IP.
- J<
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
