[3415] in Kerberos
Re: removing users from the kerberos database
daemon@ATHENA.MIT.EDU (John Hascall)
Wed Jun 15 22:44:20 1994
To: kerberos@MIT.EDU
Date: 15 Jun 1994 20:36:18 GMT
From: john@iastate.edu (John Hascall)
<mtrehan@indyunix.iupui.edu> wrote:
}I tried to remove some users from my kerberos database. The kdb_util dump
}completed successfully. After cleaning up the file, I issued kdb_util load
}and it seemed to be successful. Next I tried to test it by using kinit, and
}it could not find the principal. I took kerberos and kadmind down, thinking
}perhaps this will put everything back in sync, but, now kerberos refuses to
}come up.
}
}I get the following error:
}
}verify_master_key: Kerberos error on master key version lookup, 0 found.
Sounds to me like you deleted the line which looks like this:
K M 255 1 1 0 f9ffcbe8 a1b1e1f0 200001010459 199005230232 db_creation *
This is a big no-no..
If it is not in one of your dump files it can be recreated by
creating a new DB (with a different name) and dumping it --
*if* somebody still remembers the initial master password string
-- which you should have sealed in a vault some place...).
John
--
John Hascall ``An ill-chosen word is the fool's messenger.''
Systems Software Engineer
Project Vincent
Iowa State University Computation Center + Ames, IA 50011 + 515/294-9551
