jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-19 15:30:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8817308a87
openafs/doc/man-pages/pod5/kaserver.DB0.pod
Russ Allbery af1dbcf0c9 Add warnings for Authentication Server commands 
For each command only useful with the Authentication Server, add
warnings that the Authentication Server is obsolete and will be
removed in a future version of OpenAFS.  Encourage people who care
to update uss to work with a modern Kerberos KDC, recommend kinit
and aklog or klog.krb5 over klog, and warn that klog will be of
limited use without an Authentication Server.

Change-Id: Idc78ba548134b83ac1eea0fb81a5bc38a431bb38
Reviewed-on: http://gerrit.openafs.org/2052
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
2010-05-31 20:40:58 -07:00

49 lines
1.9 KiB
Plaintext
Raw Blame History

=head1 NAME
kaserver.DB0, kaserver.DBSYS1 - The Authentication Database and associated log
=head1 DESCRIPTION
The F<kaserver.DB0> file contains the Authentication Database, which
records server encryption keys and an encrypted form of all user
passwords. The Authentication Server (B<kaserver> process) uses the
information in the database to enable secured communications between AFS
server and client processes.
The F<kaserver.DBSYS1> file is a log file in which the Authentication
Server logs each database operation before performing it. When an
operation is interrupted, the Authentication Server replays the log to
complete the operation.
Both files are in binary format and reside in the F</usr/afs/db> directory
on each of the cell's database server machines. When the Authentication
Server starts or restarts on a given machine, it establishes a connection
with its peers and verifies that its copy of the database matches the copy
on the other database server machines. If not, the Authentication Servers
call on AFS's distributed database technology, Ubik, to distribute to all
of the machines the copy of the database with the highest version number.
Always use the commands in the kas suite to administer the Authentication
Database. It is advisable to create an archive copy of the database on a
regular basis, using a tool such as the UNIX B<tar> command.
=head1 CAUTIONS
The Authentication Server is obsolete and is provided only for sites that
need to use it while preparing for a migration to Kerberos KDC. It will be
removed in a future version of OpenAFS.
=head1 SEE ALSO
L<kadb_check(8)>,
L<kas(8)>,
L<kaserver(8)>
=head1 COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Reference in New Issue View Git Blame Copy Permalink