All, The kerberos 5 upgrade went well yesterday. We now have a Kerberos 5 database in production. Thanks to all of you who tested and helped out. Just some details for those of you who want to use the K5 database. (No changes are required for legacy afs systems.) afsdb0.cl.msu.edu is still the main database, it runs the Kerberos database as well as the remaining afs databases. afsdb1.cl.msu.edu is the backup Kerberos database (sometimes referred to as the slave database) If afsdb0 is offline for any reason authentication will continue but since the backup database is read-only users can't be added or passwords reset. The database is propagated hourly. You must list afsdb1 in your config files in order to make the backup database available to your systems (Kerberos 4 and 5 only). I am including a suggested krb5.conf file. ############################## [libdefaults] default_realm = MSU.EDU clockskew = 300 [realms] MSU.EDU = { kdc = afsdb0.cl.msu.edu kdc = afsdb1.cl.msu.edu admin_server = afsdb0.cl.msu.edu:749 kpasswd_server = afsdb0.cl.msu.edu default_domain = MSU.EDU } ################################### Here is a sample krb.conf file (for k4 compatability) ################################### MSU.EDU MSU.EDU afsdb0.cl.msu.edu admin server MSU.EDU afsdb1.cl.msu.edu ################################# /sd -- Steve Devine Storage Systems Academic Computing & Network Services Michigan State University 301 Computer Center East Lansing, MI 48824-1042 1-517-432-7327 Baseball is ninety percent mental; the other half is physical. - Yogi Berra