If both are Heimdal, then I’ve done: kadmin -l dump —decrypt | grep ‘^principal’ >xfr.file kadmin -l merge xfr.file
If it’s between implementations, then the only general solution is to independently create them with a password (a really long/good password). I’ve written no code, but I’ve generally advocated the creation of a keytab import capability as a solution to this problem. If that’s been done, then I’d be interested in which implementations it’s been done with. > On Sep 16, 2016, at 2:48 AM, Victor Sudakov <[email protected]> wrote: > > Dear Colleagues, > > I would like to copy some user principals from one realm to another > while retaining their keys/passwords. Which is the correct way to do > it a) within one multi-realm KDC b) between two KDCs? > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > sip:[email protected] Personal email. [email protected]
