system-config/playbooks/roles/kerberos-kdc
2021-03-22 22:56:26 +00:00
..
files kerberos-kdc: role to manage Kerberos KDC servers 2021-03-17 08:30:52 +11:00
tasks Merge "kerberos-kdc: quote some integers to avoid string/int confusion" 2021-03-22 22:56:26 +00:00
templates kerberos-kdc: role to manage Kerberos KDC servers 2021-03-17 08:30:52 +11:00
README.rst kerberos-kdc: role to manage Kerberos KDC servers 2021-03-17 08:30:52 +11:00

Configure a Kerberos KDC server

All KDC servers (primary and replicas) should be in a common kerberos-kdc group that defines kerberos_kdc_realm and kerberos_kdc_master_key.

The kerberos-kdc-primary group should have a single primary KDC host. It will be configured to replicate its database to hosts in the kerberos-kdc-replica group.

Hosts in the kerberos-kdc-replica group will be configured to receive updates from the kerberos-kdc-primary host.

The role should be run twice; once limited to the primary group and then a second time limited to the secondary group.

Role Variables

The realm for all KDC servers.

The master key written into the stash file for each KDC, which allows them to auth.