[OpenAFS] Password transition to krb5 - your methods?

Steve Devine sdevine@msu.edu
Thu, 25 Oct 2007 11:08:17 -0400


Steve Devine wrote:
> Jeff Blaine wrote:
>> Steve Devine wrote:
>>> Jeff Blaine wrote:
>>>> I realize there's not a conversion process to get AFS krb4
>>>> principal passwords into krb5-land.
>>>>
>>>> What approaches have you all taken in order to make the
>>>> kaserver -> krb5 KDC transition as painless as possible
>>>> to users?
>>>>
>>>> Thanks for any insight/tips.
>>> This is not so.
>>>  From my notes :
>>> ***********************************
>>> afs2k5db /usr/afs/db/kaserver.DB0 >all.out
>>> then edit the all.out file:
>>> Remove line for AuthServer , krbtgt, and afs
>>> Be sure and leave in first line ( kdb5_util load_dump version 4)
>>> Then load em all in.
>>> kdb5_util load -update all.out
>>> (Leave verbose switch out it will just slow you down.)
>>> ********************************
>>
>> I assume that's a Heimdal installation?
> No we are using MIT kerberos.
>>
>> I should have clarified in the original post: MIT Kerberos.
>>
>> Or is everyone using Heimdal with OpenAFS?
>>
>> _______________________________________________
>> OpenAFS-info mailing list
>> OpenAFS-info@openafs.org
>> https://lists.openafs.org/mailman/listinfo/openafs-info
>
>
Sorry I forgot this doesn't come with Mit Kerberos .. you need to get

afs-krb5 and build it against your kerberos libs.
Google is your friend. 

/sd


-- 
Steve Devine
Network Storage & Printing
Academic Computing & Network Services
Michigan State University

506 Computer Center
East Lansing, MI 48824-1042
1-517-432-7327

Baseball is ninety percent mental; the other half is physical.
- Yogi Berra