[OpenAFS] Principal afs@A.COM vs. afs/a.com@A.COM ?

Alexander Lazarević alexander@lazarevic.de
Wed, 1 Feb 2012 08:03:29 +0100


--f46d04083a6375257b04b7e1ae13
Content-Type: text/plain; charset=UTF-8

2012/1/31 Derrick Brashear <shadow@gmail.com>

> If you do decide to change principal names (and afs/cell@ is
> recommaned) know that you just need to rename the principal in your
> KDC.
> The key will stay the same, and the AFS KeyFile doesn't care about the
> principal name, only the key itself... which won't have changed.
>

Derrick, thanks for that suggestion. Unfortunately I wasn't able to find a
"rename principal" in my KDC (1.9 from the ubuntu package). I just created
a new principal, extracted the key and plugged it into the fileservers. I
guess that was a little more work, but worked as well.

Alex

--f46d04083a6375257b04b7e1ae13
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

2012/1/31 Derrick Brashear <span dir=3D"ltr">&lt;<a href=3D"mailto:shadow@g=
mail.com">shadow@gmail.com</a>&gt;</span><br><div class=3D"gmail_quote"><bl=
ockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #=
ccc solid;padding-left:1ex">

If you do decide to change principal names (and afs/cell@ is<br>
recommaned) know that you just need to rename the principal in your<br>
KDC.<br>
The key will stay the same, and the AFS KeyFile doesn&#39;t care about the<=
br>
principal name, only the key itself... which won&#39;t have changed.<br></b=
lockquote><div><br>Derrick, thanks for that suggestion. Unfortunately I was=
n&#39;t able to find a &quot;rename principal&quot; in my KDC (1.9 from the=
 ubuntu package). I just created a new principal, extracted the key and plu=
gged it into the fileservers. I guess that was a little more work, but work=
ed as well.<br>

<br>Alex<br></div></div>

--f46d04083a6375257b04b7e1ae13--