[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Converting kaserver DB to Heimdal
On Tue, 7 Oct 2003, Love wrote:
> Alf Wachsmann <alfw@SLAC.Stanford.EDU> writes:
> > While converting all our administration tools, we have discovered that
> > the time a principal changed his/her/its password is _not_ carried over
> > from the kaserver DB. This seems by design after looking at the
> > hprop/hpropd source code.
> >
> > Is there a way of preserving this time stamp in the conversion?
>
> So this might do it. The principal should be optional, but I don't know if
> all code handles that. I don't have a kaserver setup, so it might be easier
> for you to test then me.
Love,
the situation is not that simple. Your patch will dump out the
necessary date filed but "hpropd" still throws it away,
There needs to be an according patch for (I guess) "entry2string_int()"
in lib/hdb/print.c.
-- Alf.
> --- kdc/hprop.c 19 Sep 2003 00:16:11 -0000
> +++ kdc/hprop.c 7 Oct 2003 18:56:50 -0000
> @@ -397,6 +397,12 @@
> + 24 * 60 * 60 * ent->pw_expire;
> }
>
> + if(ntohl(ent->pw_change) != NEVERDATE && ntohl(ent->pw_change) != 0xffffffff) {
> + ALLOC(hdb.modified_by);
> + hdb.modified_by->time = ntohl(ent->pw_change);
> + hdb.modified_by->principal = NULL;
> + }
> +
> ret = krb5_make_principal(pd->context, &hdb.created_by.principal,
> v4_realm,
> "kadmin",
>
>
-----------------------------------------------------------------------
Alf Wachsmann | e-mail: alfw@slac.stanford.edu
SLAC Computing Service | Phone: +1-650-926-4802
2575 Sand Hill Road, M/S 97 | FAX: +1-650-926-3329
Menlo Park, CA 94025, USA | Office: Bldg. 50/323
-----------------------------------------------------------------------
http://www.slac.stanford.edu/~alfw (PGP)
-----------------------------------------------------------------------