Heimdal -> MIT K5 migration
hozer at drgw.net
Mon Jun 17 19:53:00 EDT 2002
On Mon, Jun 17, 2002 at 05:47:41PM -0500, Steve Langasek wrote:
> Hi Troy,
> On Mon, Jun 17, 2002 at 05:21:07PM -0500, Troy Benjegerdes wrote:
> > I am evaluating whether to run Heimdal KDC's or MIT KDC's..
> > It looks like migrating from a MIT KDC to heimdal is relatively easy (the
> > heimdal hprop can take an MIT dump file)
> > But what about the reverse? Is there any way to convert a Heimdal KDC to
> > an MIT KDC?
> > I am also interested in hearing anyone's suggestions about which K5
> > implementation to use.
> I'm sure you'll get other recommendations according to the preferences
> of each of the respondents. Personally, though I admire how far the
> Heimdal team have come, I think it's hard to ignore the head start
> advantage the MIT implementation enjoys, and I've found it very easy to
> integrate with my Operating System of Choice. Actually, it helps that
> my OS of Choice comes with packages hand-made by someone very close to
> MIT KRB5 development. <shrug>
> Never having gone so far as to fully populate a Heimdal KDC with
> principals I wanted to keep, I have no idea what the migration path to
> an MIT KDC looks like.
> Steve Langasek
> postmodern programmer
As near as I can tell, there isn't one, and even people that want to go
MIT->Heimdal only show up every couple of months.
On another note, I currently have a MIT K5 (1.2.2) KDC, with lots of
active principals. Since OpenBSD (my OS choice for the a replace KDC
machine) has heimdal integrated, I am looking to see if I can convert the
KDC to heimdal easily. And once converted, I don't want to be stuck with
I also seem to be having issues with the database master key. I am able to
sucessfully get all the principals from the MIT KDC to the Heimdal KDC,
but when using the heimdal KDC, none of the passwords worked.
I have tried with and without using the stash file from the MIT KDC
(hprop's -m option). Is the stash file endian dependent?
Troy Benjegerdes | master of mispeeling | 'da hozer' | hozer at drgw.net
-----"If this message isn't misspelled, I didn't write it" -- Me -----
"Why do musicians compose symphonies and poets write poems? They do it
because life wouldn't have any meaning for them if they didn't. That's
why I draw cartoons. It's my life." -- Charles Schulz
More information about the krbdev