On Wed, 2011-07-27 at 05:28 -0700, Anubha Gupta wrote: > Is it possible to change the master key of a realm when LDAP is used > as the database server? The stash file is not present since LDAP is > used. Appreciate any help on this.
The standard kldap driver still uses the stash file to hold the master key as far as I know. you can use kdb5_dump to dump and change the passwords and load them back with older releases. In 1.9 it should be possible to change keys while keeping the database online by storing both the old and the new master key in the new keytab format stash file. Simo. -- Simo Sorce * Red Hat, Inc * New York ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
