[3412] in Kerberos
Re: removing users from the kerberos database
daemon@ATHENA.MIT.EDU (mtrehan@indyunix.iupui.edu)
Wed Jun 15 15:38:10 1994
From: mtrehan@indyunix.iupui.edu
To: kerberos@MIT.EDU
Date: Wed, 15 Jun 1994 13:58:28 -0500 (EST)
> HELP!
>
> I tried to remove some users from my kerberos database. The kdb_util dump
> completed successfully. After cleaning up the file, I issued kdb_util load
> and it seemed to be successful. Next I tried to test it by using kinit, and
> it could not find the principal. I took kerberos and kadmind down, thinking
> perhaps this will put everything back in sync, but, now kerberos refuses to
> come up.
>
> I get the following error:
>
> verify_master_key: Kerberos error on master key version lookup, 0 found.
>
> I tried to load back the original file dumped by kdb_util dump, and I
> still get this error.
>
I found the answer to my question I posted earlier. In case anyone is
interested, the answer is that the line similar to the one below, was
deleted from the flat file.
K M 255 1 1 0 12312312 12312312 200001010459 199406151820 db_creation *
I found this by dumping an empty database (right after running kdb_init)
to a file. There are four lines that are required. As a warning to others
who are getting ready to experiment with deleting from a kerberos database,
DO NOT delete lines containing the text "db_creation".
The four lines begin as shown below:
changepw kerberos 255 1 1 0 ...
krbtgt REALM 255 1 1 0 ...
default * 255 1 1 0 ...
K M 255 1 1 0 ...
--
*******************************************************************
Manjit S. Trehan mtrehan@iupui.edu (317) 274-0837
Indiana UNIXversity Purdue UNIXversity at Indianapolis (IUPUI)
*******************************************************************
