System Administration Guide: Security Services

Configuring the Kerberos Service (Task Map)

Parts of the configuration process depend on other parts and must be done in a specific order. These procedures often establish services that are required to use the Kerberos service. Other procedures are not dependent on any order, and can be done when appropriate. The following task map shows a suggested order for a Kerberos installation.



For Instructions 

1. Plan for your Kerberos installation. 

Lets you resolve configuration issues before you start the software configuration process. Planning ahead saves you time and other resources in the long run. 

Chapter 22, Planning for the Kerberos Service

2. (Optional) Install NTP. 

Configures the Network Time Protocol (NTP) software, or another clock synchronization protocol. In order for the Kerberos service to work properly, the clocks on all systems in the realm must be synchronized. 

Synchronizing Clocks Between KDCs and Kerberos Clients

3. Configure the KDC servers. 

Configures and builds the master KDC and the slave KDC servers and the KDC database for a realm. 

Configuring KDC Servers

4. (Optional) Increase security on the KDC servers. 

Prevents security breaches on the KDC servers. 

How to Restrict Access to KDC Servers

5. (Optional) Configure swappable KDC servers. 

Makes the task of swapping the master KDC and a slave KDC easier. 

How to Configure a Swappable Slave KDC