Prepare Kerberos authentication-enabled clusters for replication
Before you create replication policies between clusters that use Kerberos authentication, you must prepare the source and destination clusters.
-
On the hosts in the destination cluster, ensure that the
krb5.conf file (typically located at
/etc/kbr5.conf
) on each host has the following information: -
On the destination cluster, perform the following steps to add the realm of the
source cluster to the Trusted Kerberos Realms
configuration property:
- Go to the page.
- Search for the Trusted Kerberos Realms property, and enter the source cluster realm.
- Click Save Changes.
- Go to the page.
-
Search for the Domain Name(s) field, and enter any domain or
host names you want to map to the destination cluster KDC. Add as many entries as you
need. The entries in this property are used to generate the
domain_realm
section in krb5.conf file. -
If
domain_realm
is configured in the Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf property, remove the entries for it. - Click Save Changes.