After long and continued use, the principal database on the
primary security server can grow large due to unused space. When
you delete a principal, the space that the record had occupied is
not removed. Instead, the space is reserved and marked as available.
Therefore, after extensive use, the database can grow very large.
You can correct this by loading all existing principals into a new
database.
To create a new database and load existing records on the
primary security server, log on as a root user and complete the
following steps:
Stop the services and daemons by executing
the following command:
# /sbin/init.d/krbsrv stop |
Make an archive of the principal.* files found on the primary security server.
Dump the database by running the following command at
the HP-UX command prompt:
# /opt/krb5/admin/kdb_dump -f /tmp/filename |
Delete the old database by running the following command
at the HP-UX command prompt:
# rm /opt/krb5/principal* |
Create a new database using the same master password
and encryption type as when the database was originally created
by executing the following command:
# /opt/krb5/admin/kdb_create -s -e enctype |
Load the dump file by running the following command
at the HP-UX command prompt:
# /opt/krb5/admin/kdb_load -f /tmp/filename |
Restart the services and daemons by running the following
command at the HP-UX command prompt:
/sbin/init.d/krbsrv start |
Remove the /tmp/filename file after you have verified that the new database
is functioning without problems.
Printable version
