[36752] in Kerberos
RE: Renaming principals causes them to disappear
daemon@ATHENA.MIT.EDU (Paul B. Henson)
Tue Feb 3 22:01:01 2015
From: "Paul B. Henson" <henson@acm.org>
To: "'Greg Hudson'" <ghudson@mit.edu>, <kerberos@mit.edu>
In-Reply-To: <54D11F70.6010001@mit.edu>
Date: Tue, 3 Feb 2015 19:00:33 -0800
Message-ID: <077301d04026$c02e9e80$408bdb80$@acm.org>
MIME-Version: 1.0
Content-Language: en-us
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> From: Greg Hudson
> Sent: Tuesday, February 03, 2015 11:20 AM
>
> I have duplicated this problem; rename_principal breaks all the time
> with LDAP, but works with BDB. This has likely been the case since
Hmm, that's a bummer, I was just about to avail of rename_principal
functionality with an LDAP backend as part of a realm rename we have coming
up :(. I was planning to rename everything and then rename it back in order
to hardcode the correct salt before changing the realm name and avoid having
to reset passwords. Given this bug, I guess I would have to dump the
database, load it into bdb, do the renames, dump it again, and then load it
back into ldap?
Can you think of any easier way to store the correct salt with a principal
before a realm rename?
Thanks.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
