[OpenAFS] Password transition to krb5 - your methods?
Jeff Blaine
jblaine@kickflop.net
Thu, 25 Oct 2007 11:28:33 -0400
You had me wondering.
The only reference to afs2k5db I could find in source was
src/packaging/RedHat/openafs.spec.in
Which then leads me to:
Are the RedHat builds getting preferential treatment with
regard to this? Is there a reason? What's up?
Steve Devine wrote:
> Steve Devine wrote:
>> Jeff Blaine wrote:
>>> Steve Devine wrote:
>>>> Jeff Blaine wrote:
>>>>> I realize there's not a conversion process to get AFS krb4
>>>>> principal passwords into krb5-land.
>>>>>
>>>>> What approaches have you all taken in order to make the
>>>>> kaserver -> krb5 KDC transition as painless as possible
>>>>> to users?
>>>>>
>>>>> Thanks for any insight/tips.
>>>> This is not so.
>>>> From my notes :
>>>> ***********************************
>>>> afs2k5db /usr/afs/db/kaserver.DB0 >all.out
>>>> then edit the all.out file:
>>>> Remove line for AuthServer , krbtgt, and afs
>>>> Be sure and leave in first line ( kdb5_util load_dump version 4)
>>>> Then load em all in.
>>>> kdb5_util load -update all.out
>>>> (Leave verbose switch out it will just slow you down.)
>>>> ********************************
>>>
>>> I assume that's a Heimdal installation?
>> No we are using MIT kerberos.
>>>
>>> I should have clarified in the original post: MIT Kerberos.
>>>
>>> Or is everyone using Heimdal with OpenAFS?
>>>
>>> _______________________________________________
>>> OpenAFS-info mailing list
>>> OpenAFS-info@openafs.org
>>> https://lists.openafs.org/mailman/listinfo/openafs-info
>>
>>
> Sorry I forgot this doesn't come with Mit Kerberos .. you need to get
>
> afs-krb5 and build it against your kerberos libs.
> Google is your friend.
> /sd
>
>