Let's make sure I am not missing something basic: I do this when setting up a kdc with master key: mkdir /var/heimdal kstash kadmin -l init REALM kadmin -l add myself kadmin -l add --random host/kdc.my.domain Sounds ok? MVH leifj