If both are Heimdal, then I’ve done:
kadmin -l dump —decrypt | grep ‘^principal’ >xfr.file
kadmin -l merge xfr.file
If it’s between implementations, then the only general solution is to
independently create them with a password (a really long/good password). I’ve
written no code, but I’ve generally advocated the creation of a keytab import
capability as a solution to this problem. If that’s been done, then I’d be
interested in which implementations it’s been done with.
> On Sep 16, 2016, at 2:48 AM, Victor Sudakov <v...@mpeks.tomsk.su> wrote:
> Dear Colleagues,
> I would like to copy some user principals from one realm to another
> while retaining their keys/passwords. Which is the correct way to do
> it a) within one multi-realm KDC b) between two KDCs?
> Victor Sudakov, VAS4-RIPE, VAS47-RIPN
Personal email. hbh...@oxy.edu