Migrating database to LDAP (kldap)

Andreas Ntaflos daff at pseudoterminal.org
Sat Aug 27 19:08:36 EDT 2011


Hello all,

we have Kerberos 1.8.1 (Ubuntu 10.04) using the default database
configuration (i.e. db2, /var/lib/kerberos) working fine alongside
OpenLDAP, saslauthd (so that authentication against LDAP seamlessly goes
against Kerberos) and PAM (and other things).

I was now wondering if it is possible to migrate the current Kerberos
database to LDAP (with the kldap driver), without having to recreate the
whole realm and every principal and reset every password. It is also
important that saslauthd continues working.

Is there a migration strategy or best practice I can follow? Or is the
whole thing impossible to do?

Thanks,

Andreas

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20110828/ca73d262/attachment.bin


More information about the Kerberos mailing list