Is there an easy way to rename a realm? I have a simple Kerberos setup I use for testing. It's isolated to just one KDC and a few client systems.
I'd like to rename the realm (from TEST.ORG -> TEST.LAN), but was wondering if there's a relatively easy way to do this, other then manually starting over. And, given the size of my setup, perhaps that is the easiest. At a minimum, I realize the krb5.conf file and any application keytabs will need to be changed on each client and (I assume) the following will need to be changed on the KDC: /etc/krb5.conf /etc/krb5.keytab /var/kerberos/krb5kdc/.k5.TEST.ORG /var/kerberos/krb5kdc/kdc.conf /var/kerberos/krb5kdc/kadm5.acl /var/kerberos/krb5kdc/kadm5.keytab /var/kerberos/krb5kdc/principal /var/kerberos/krb5kdc/principal.kadm5 It appears I may be able to use kdb5_util (dump->destroy->create->load), but I'm not so sure about the order of things or what I will need to modify. eg, do I need to manually change/recreate kadm5.acl, kadm5.keytab and the stash file or will the "create" do that for me? ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
