/usr/sbin/kproplog [-h | -e num]
The kproplog displays the contents of the Kerberos principal update log to standard output. This command can be used to keep track of the incremental updates to the principal database, which is enabled by default. The /var/krb5/principal.ulog file contains the update log maintained by the kadmind(1M) process on the master KDC server and the kpropd(1M) process on the slave KDC servers. When updates occur, they are logged to this file. Subsequently any KDC slave configured for incremental updates will request the current data from the master KDC and update their principal.ulog file with any updates returned.
The kproplog command can only be run on a KDC server by someone with privileges comparable to the superuser. It will display update entries for that server only.
If no options are specified, the summary of the update log is displayed. If invoked on the master, all of the update entries are also displayed. When invoked on a slave KDC server, only a summary of the updates are displayed, which includes the serial number of the last update received and the associated time stamp of the last update.
The following options are supported:
Update Entry Update serial # : 4 Update operation : Add Update principal : test@EXAMPLE.COM Update size : 424 Update committed : True Update time stamp : Fri Feb 20 23:37:42 2004 Attributes changed : 6 Principal Key data Password last changed Modifying principal Modification time TL data
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
|October 29, 2015||OmniOS|