Migrating from Apple OpenDirectory?
Love Hörnquist Åstrand
lha at kth.se
Tue Apr 20 23:45:40 MDT 2010
20 apr 2010 kl. 23:40 skrev Michael Wood:
> Damn. Forgot to copy the list again. Sorry.
>
> On 20 April 2010 13:09, Love Hörnquist Åstrand <lha at kth.se> wrote:
>>
>> 20 apr 2010 kl. 11:56 skrev Michael Wood:
>>
>>>>
>>>> Once you have the data in the dump format, this may be easy to parse, or
>>>> else it may be better to read it using Heimdal tools somehow.
>>>
>>> The dump format looks trivial to parse, but I don't know yet which
>>> field is the arcfour-hmac-md5 hash or what the other hashes are and
>>> whether or not they're needed.
>>
>> Heimdal dump format is documented here:
>>
>> http://www.h5l.org/manual/HEAD/krb5/krb5_fileformats.html
>
> Thanks, but it's actually the "kdb5_util load_dump version 4" format
> that I need the documentation for. This is what I get when I dump the
> MIT Kerberos database on OS X. I suppose I should just load that into
> Heimdal and then dump it so I can make use of the link above :)
You can dump the database directly and load it into Heimdal
http://www.h5l.org/manual/HEAD/info/heimdal/Migration.html#Migration
10 Migration
10.1 Migration from MIT Kerberos to Heimdal
hpropd can read MIT Kerberos dump, the format is the same as used in mit-kerberos 1.0b7, and to dump that format use the following command: `kdb5_util dump -b7'.
To load the MIT Kerberos dump file, use the following command:
`/usr/heimdal/libexec/hprop --database=dump-file --master-key=/var/db/krb5kdc/mit_stash --source=mit-dump --decrypt --stdout | /usr/heimdal/libexec/hpropd --stdin'
More information about the samba-technical
mailing list