kdb5_util dump on host1 && kdb5_util load on host2

[Turbo Fredriksson]

        Please keep any further discussion on the Kerberos list!

>>>>> "Alfred" == Alfred Hovdestad <alfred.hovdestad at usask.ca> writes:

    Alfred> I am trying to dump our Kerberos database on one server,
    Alfred> and reload it on another with a different realm.  I can
    Alfred> edit the dump file and rename the principle, but when I
    Alfred> reload the kerberos database, I get

    Alfred> kinit(v5): Password incorrect while getting initial
    Alfred> credentials

I don't THINK this is possible. In a couple of the columns, you have
an encoded string, I _THINK_ that the realm is located there as well...

    Alfred> I tried the method that you used to load the databaes on
    Alfred> another server, but I still get the same errors.  When you
    Alfred> loaded the database, did you remove the K/M and kadmin/*
    Alfred> entries, or did you leave them in?  Did you do a full
    Alfred> reload, or a load -update?

    Alfred> 2. Load the database dump a. kdb5_util load krb5-20020522
    Alfred> => krb5-20020522 is the dump file

Since my two new Kerberos server is to REPLACE my current one (I'm
moving the Kerberos servers of the user server) I keep EVERYTHING
as the original (ie, keeping the K/M and kadmin/* principals).

Now, since I'm moving my Kerberos database from a Intel PC to a Sun
SPARC (same OS - Debian GNU/Linux - though) I had to extract the
stash file from the database (a PC and a SPARC have different byte
order). And I've done a FULL load every time to be sure they are
EXACTLY like the original db.
-- 
South Africa NSA Panama security North Korea pits munitions Semtex
Kennedy arrangements ammunition KGB supercomputer critical president
[See http://www.aclu.org/echelonwatch/index.html for more about this]