The following section describes the database administration
procedures.
Dumping a Kerberos Database to
a File |
 |
You can use the kdb5_util command on a KDC to dump a Kerberos database into a file.
The general syntax is:
kdb5_util dump [-old] [-b6] [-ov] [-verbose] [filename [principals....]]
The kdb5_util dump command has the following options:
- -old
causes the dump to be in the earlier dump format
in previous Kerberos version.
- -b6
causes the dump to be in the Kerberos 5 Beta 6 format.
- -ov
causes the dump to be in ovsec_adm_export format.
- -verbose
causes the name of each principal and policy to
be printed as it is dumped.
Given below is an example of a kdb5_util dump:
shell% kdb5_util dump <dumpfile>
shell%
Shell% kdb5_util dump -verbose dumpfile
kadmin/admin@FINANCE.BAMBI.COM
krbtgt/FINANCE.BAMBI.COM@FINANCE.BAMBI.COM
kadmin/history@FINANCE.BAMBI.COM
K/M@FINANCE.BAMBI.COM
kadmin/changepw@FINANCE.BAMBI.COM
shell% |
When you specify the principals you want to dump, you must
use the full principal, as in the following example:
shell% kdb5_util dump dumpfile K/M@FINANCE.BAMBI.COM
shell% |
If you do not specify the full principal, the principals that
do not match in the database will not be dumped.
shell% kdb5_util dump -verbose dumpfile K/M kadmin/admin
shell% |
If you do not specify a dump file, kdb5_util will dump the database to the standard output.
|
| |
|
 | NOTE: The directory where the kdb5_util will dump the database must have restricted access to
it. |
|
| |
|
Printable version
