[Freeipa-users] Migrate KRB DB hashes to IPA LDAP
Simo Sorce
simo at redhat.com
Mon Oct 13 21:05:22 UTC 2014
On Mon, 13 Oct 2014 17:30:58 +0200
Andreas Ladanyi <andreas.ladanyi at kit.edu> wrote:
> On my old system from which i migrated the users/group accounts uses
> the Kerberos own DB without LDAP for the principals.
>
> I could dump the master key :
>
> kdb5_util dump filename K/M at REALM
>
> Now i have a lot of numbers in the dumpfile. Which number belongs to
> which LDAP attribute in the (test) FreeIPA 389 LDAP System (Simon
> called it a throwaway system :-) )
>
> I dont know the data structure of the KRB own DB.
And you shouldn't really care, you should use the kdb5 utils to load
back the dumped DB, provided you first create all users and hosts and
services via the freeipa tools.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list