[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Looking for docs on MIT master KDC -> Heimdal slave KDC replication

On Thu, Mar 17, 2005 at 12:53:25AM +0100, Love H?rnquist ?strand wrote:
> Version 4 is the format of the mit dump heimdal understands. Apperently
> there is a new version 5, it seems to have appeared with MIT kerberos 1.3.
> You can force "kdb5_util dump" to use the old format by using option -b7

Aha! That both cleared up most of the problem and helped me to
understand the issue. Thank you.

> The diffrence seems to be dumping with policy info or not.

I'm very interested in what you said here. The version 4 dumpfile
includes a single line with policy information (defining policy
"default", on line 40 of the dump). The hprop seems to be choking on

[root@surya ~/bin]# hprop --source=mit-dump \
 --database=/root/kerberos/slave_datatrans \
 --keytab=/etc/krb5.keytab.hprop utu.seekingfire.prv
hprop: line 40: not a principal

Should it be able to cope with policy information? If not, is there a
better way to handle it other than running my dump through a pipe to
filter out policy lines before hprop'ing them?

Thanks for your help,


[It] contains "vegetable stabilizer" which sounds ominous. How unstable
are vegetables? 
    - A.S.R. quote (Jeff Zahn)

PGP signature