If both are Heimdal, then I’ve done:

kadmin -l dump —decrypt | grep ‘^principal’ >xfr.file
kadmin -l merge xfr.file

If it’s between implementations, then the only general solution is to 
independently create them with a password (a really long/good password). I’ve 
written no code, but I’ve generally advocated the creation of a keytab import 
capability as a solution to this problem. If that’s been done, then I’d be 
interested in which implementations it’s been done with.

> On Sep 16, 2016, at 2:48 AM, Victor Sudakov <v...@mpeks.tomsk.su> wrote:
> 
> Dear Colleagues,
> 
> I would like to copy some user principals from one realm to another
> while retaining their keys/passwords. Which is the correct way to do
> it a) within one multi-realm KDC b) between two KDCs?
> 
> -- 
> Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
> sip:suda...@sibptus.tomsk.ru

Personal email.  hbh...@oxy.edu



Reply via email to