Re: How to migrate from MIT krb5 -> Heimdal?

[Howard Chu <hyc@highlandsun.com>]

Michael B Allen wrote:
> On Tue, 23 Jan 2007 14:14:34 -0800
> David Wolfskill <dhw@mail-abuse.org> wrote:
>
>   
>> Is there a way to copy the salient information from the MIT krb5 KDC to
>> a shiny new Heimdal KDC in such a way that the Heimdal KDC can then
>> actually use the information to create or validate tickets?
>>     
>
> I don't use KDCs for anything but testing my products so take what I
> say with a grain of salt but if you're using "standard" keytab files
> my understanding is that Heimdal and MIT are completely compatible. You
> may want to make sure Heimdal is configured to support all the enctypes
> used in your current files but otherwise I would just try to create a
> standard Heimdal KDC, import the keytab with ktutil and go.
>   

The KDC database is not stored in keytab files. You need to use 
"kdb5_util dump" on the MIT KDC to get a dump file and then import that 
into Heimdal.  Search the archives of this mailing list for details, 
it's been discussed many times before.

-- 
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/