Leonard J. Peirce
Tue, 26 Mar 2002 13:06:23 -0800
This is V5 1.2.2 running on Solaris 8.... We're seeing something very strange on our KDC. We have approximately 46,000 total principals. When we propagate (kdb5_util dump) or do getprincs in kadmin to get a list of all principal names the resulting output (in both cases) is missing over half of the principals that we know are in the database. Our slave server is pretty much useless at this point until we get this working again.
The really odd part is that the principals that don't show up are in the database and continue to work fine. Users can get tickets, use them for rlogin/telnet/ftp, and change their passwords. We can do getprinc for any one of the missing entries and they show up just fine. But running getprincs to list the entire database or kdb5_util dump both fail to list them. BTW, I tried using kdb5_util dump dump.out <principal> to dump a single principal and didn't get the principal dumped. Instead, it appeared to dump just the policies that we have defined. Am I misreading the man page? I had hoped to be able to dump each individual principal, append to a file, and possibly reload the database. Any suggestions on troubleshooting this? Could it be a buffer being over- run someplace? Any help would, of course, be greatly appreciated. -- Leonard J. Peirce Email: [EMAIL PROTECTED] UNIX System Manager Western Michigan University Office of Information Technology Kalamazoo, MI 49008 Phone: (616) 387-5430 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos