Filter
Top Products
Migrating to a Newer Version of the Kerberos Server
Migrating from Kerberos Server Version 3.0 to Version 3.1
Chapter 3 49
Migrating from Kerberos Server Version 3.0 to
Version 3.1
If you want to use the Kerberos server with LDAP as the backend
database, migrate your existing Kerberos server to Kerberos server v3.0.
Use the krb_2_ldap utility to migrate information of the previous
version of the Kerberos server to the LDAP database. The krb_2_ldap
utility performs the following tasks, while migrating information:
• Converts each entry of the version 2.0 or 3.0 dumpfile to ldif file
entry. The new entries are dumped into an LDIF file.
• Logs any log messages or errors and displays it in stdout format.
Complete the following steps to migrate from Kerberos server v3.0 to
v3.1:
Step 1. Dump the database on the v3.0 server.
On the Kerberos server v3.0, dump the database with the default dump
version. The dump file must contain the default header, “kdb5_util
load_dump version 5.0”.
# kdb_dump -f /opt/krb5/dumpfilev3.1
Step 2. Use the krb_2_ldap utility to create the LDIF file.
# krb_2_ldap -d <dump filename> -l <ldif filename>
Step 3. You must manually edit the LDIF file.
Uncomment the first two lines of the LDIF file. Replace the DN name and
the changetype, if necessary.
Step 4. Load the LDIF file using the following command:
/opt/ldapux/bin/ldapmodify -d “cn=amathew” -w eso! -h
<hostname> -p <port number> -f <ldif filename>
On successful completion, the following message is displayed:
Load Successful
Now, the migration process of the principal information is completed.