Migration

Step-wise Procedure For Migration

 

 

Step-wise Procedure For Migration

 

 

Given below is a step-wise procedure to migrate from version 1.0 to

 

 

version 2.0 of the Kerberos Server.

 

 

The lines beginning with => is a continuation with the previous line.

NOTE

 

 

 

 

Step

1.

Dump the database on the version 1.0 Server

 

 

On the Kerberos Server version 1.0, dump the database with the

 

 

default dump version. The dump file must contain the default header,

 

 

kdb5_util load_dump version 5

 

 

# kdb5_util dump /opt/krb5/dumpfilev1.0

Step

2.

Stop the version 1.0 Kerberos daemons

Step

3.

Install the Kerberos Server version 2.0 on your system

Step

4.

Migrate version 1.0 dump file to version 2.0 dump file.

 

 

Run the kdb_migrate tool to generate the version 2.0 dump file

 

 

# kdb_migrate -i /opt/krb5/dumpfilev1.0 -o

 

 

=>

/tmp/kdb_migrate.log

 

 

=>

/opt/krb5/dumpfilev2.0 -p /opt/krb5/polv2 -1

 

 

If the /var/adm/krb5/krb5kdc/kdc.conf file does not exist and,

 

 

the master key name is not the default (K/M) then it needs to be

 

 

 

specified as an argument in kdb_migrate, by specifying the -M

 

 

 

option.

 

 

the encryption type will be the encryption type of the master

 

 

 

principal obtained from the dumpfilev1.0, if the -eoption is not

 

 

 

specified.

If the /etc/krb5.conf file does not exist, the migration process fails.

Chapter 3

45

Page 45
Image 45
HP UX Kerberos Data Security Software manual Step-wise Procedure For Migration