Migrating from Kerberos Server Version 3.0 to Version 3.12

If you want to use the Kerberos server with LDAP as the backend database, migrate your existing Kerberos server to Kerberos server v3.0.

Use the krb_2_ldap utility to migrate information of the previous version of the Kerberos server to the LDAP database. The krb_2_ldap utility performs the following tasks, while migrating information:

Converts each entry of the version 2.0 or 3.0 dumpfile to ldif file entry. The new entries are dumped into an LDIF file.
Logs any log messages or errors and displays it in stdout format.

Complete the following steps to migrate from Kerberos server v3.0 to v3.12:

Dump the database on the v3.0 server.
On the Kerberos server v3.0, dump the database with the default dump version. The dump file must contain the default header, “kdb5_util load_dump version 5.0”.
# kdb_dump -f /opt/krb5/dumpfilev3.12

Use the krb_2_ldap utility to create the LDIF file.

# krb_2_ldap -d <dump filename> -l <ldif filename>

You must manually edit the LDIF file.
Uncomment the first two lines of the LDIF file. Replace the DN name and the changetype, if necessary.
Load the LDIF file using the following command:
/opt/ldapux/bin/ldapmodify -d “cn=amathew” -w eso! -h <hostname> -p <port number> -f <ldif filename>

On successful completion, the following message is displayed:

Load Successful

Now, the migration process of the principal information is completed.

Migrating from Kerberos Server Version 3.0 to Version 3.12

Technical documentation

» Table of Contents

» Glossary

» Index