Changing host name and address
Booker C. Bense
bbense at networking.stanford.edu
Thu Feb 7 09:49:59 EST 2002
On Wed, 6 Feb 2002, Thomas Huang wrote:
>
> Hi,
>
> My group is planning to relocate our KDC host. This also means changing
> the IP address and the host name.
- Changing the IP address is a minor problem. Depending on your
setup users may need to get new tgt's after the swap.
- Changing the hostname is a slightly bigger one. Depending on
your foresight in making CNAME records of the names in krb5.conf you
might have a minor or a big problem. If I were you I'd really
try and set things up so you don't have to change the DNS
name from what's in the krb5.conf files you've distributed.
> Do we need to recreate the host key
> after the relocation?
- You need to create a new host/new.dns.name keytab for
the KDC and you'll need to change acl's on slave kdc's.
> Will we have to reconfigure the existing KDC after
> the relocation (i.e. dumping and reloading the database)?
>
- It wouldn't be a bad idea to do this anyway, in case
something goes wrong. But if you don't change the software
you shouldn't need to reload the database.
- Booker C. Bense
More information about the Kerberos
mailing list