Paul Robert Marino wrote:
> have you looked at using aliases?
Never even heard of them. I'm using Heimdal 1.1.0, probably aliases
are not there yet.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
I’ve done it with cross-realm principals so I needed to keep the realm intact.
I’m assuming, now, that *you* want to move smith@REALM.A to smith@REALM.B
without changing the password. The standard password-string-to-key algorithm
uses the realm name as salt in the algorithm, so that may not work
have you looked at using aliases?
in hemdal you can create aliases for principals as other principals
even in other realms.
it works well with a few exceptions.
1) you can only use kpasswd on the original principal or you get an error
2) kadmin has some order of operations issues with it if you use
Hi!
v...@mpeks.tomsk.su:
> This won't work withing a multi-realm KDC because I need to copy, not
> rename.
Hmm What if you
1) "export" the existing ones to an xfr file (as described)
2) Rename the ones that are still in the database to the new realm name.
(This gives you the new realm name, b
>>
>> you need to use rename inside kadmin, so import w/o the sed and
>> the rename. This makes sure the salt is updated, your sed
>> statement doesn't do that.
>
> This won't work withing a multi-realm KDC because I need to copy, not
> rename.
your sed trick will only work for keys not s
Love H??rnquist ??strand wrote:
> > I would like to copy some user principals from one realm to another
> > while retaining their keys/passwords. Which is the correct way to do
> > it a) within one multi-realm KDC b) between two KDCs?
> >
> > If both are Heimdal, then I???ve do
16 sep. 2016 kl. 22:07 skrev Victor Sudakov :Henry B (Hank) Hotz, CISSP wrote:I would like to copy some user principals from one realm to anotherwhile retaining their keys/passwords. Which is the correct way to doit a) within one multi-realm KDC b) between two KDCs?If both are Heimdal, then I???ve
Henry B (Hank) Hotz, CISSP wrote:
> > I would like to copy some user principals from one realm to another
> > while retaining their keys/passwords. Which is the correct way to do
> > it a) within one multi-realm KDC b) between two KDCs?
> If both are Heimdal, then I???ve done:
>
> kadmin -l dump
If both are Heimdal, then I’ve done:
kadmin -l dump —decrypt | grep ‘^principal’ >xfr.file
kadmin -l merge xfr.file
If it’s between implementations, then the only general solution is to
independently create them with a password (a really long/good password). I’ve
written no code, but I’ve gener
Dear Colleagues,
I would like to copy some user principals from one realm to another
while retaining their keys/passwords. Which is the correct way to do
it a) within one multi-realm KDC b) between two KDCs?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
10 matches
Mail list logo
