https://community.cloudera.com/t5/Support-Questions/kerberos-High-Availability/m-p/46987#M41156 <P>Hello Azim,</P><P>&nbsp;</P><P>If you are using MIT Kerberos, you would configure one or more slave KDCs. &nbsp; See "Install the slave KDCs" under the MIT Kerberos Documentation: &nbsp;<A href="https://web.mit.edu/kerberos/krb5-latest/doc/admin/install_kdc.html" target="_blank">https://web.mit.edu/kerberos/krb5-latest/doc/admin/install_kdc.html</A></P><P>&nbsp;</P><P>You will need to run the kprop&nbsp;command in a cron to synchronize the master with the slave KDCs.</P><P>&nbsp;</P><P>Update the /etc/krb5.conf file on your hosts to include the additional KDCs for your realm. &nbsp;Example:</P><P>&nbsp;</P><P><FONT face="courier new,courier">[realms]</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; EXAMPLE.REALM = {</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; &nbsp; &nbsp; kdc =&nbsp;kdc1.example.com</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; &nbsp; &nbsp; kdc =&nbsp;kdc2.example.com</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; &nbsp; &nbsp; kdc = kdc3.example.com:750</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; &nbsp; &nbsp; admin_server =&nbsp;kdc1.example.com</FONT><BR /><FONT face="courier new,courier">&nbsp; &nbsp; &nbsp; &nbsp; master_kdc =&nbsp;kdc1.example.com</FONT></P><P><FONT face="courier new,courier">&nbsp; &nbsp; }</FONT></P><P>&nbsp;</P><P>&nbsp;</P><P><FONT face="arial,helvetica,sans-serif"><SPAN>Kerberos does not support load balancing. &nbsp;If a timeout occurs connecting to the first KDC in the list, the next KDC will be tried.</SPAN></FONT></P> Thu, 03 Nov 2016 15:59:30 GMT denloe 2016-11-03T15:59:30Z