Hello Rick, I think there is no back end store. All the principals are created by running add princ command. All the data rest within the Kerberos. Is there no way I can retrieve it to other Kerberos master server?
Sent from my iPhone > On Sep 18, 2014, at 2:11 AM, "Rick van Rein" <r...@openfortress.nl> wrote: > > Hello Vanna, > > If your backend store is LDAP, I would expect it to be portable. You can > actually try that by having multiple KDCs use the same LDAP, because the KDC > has readonly access. You could temporarily shut down the write actions > during the transition (kadmin, kpasswd) but even there I doubt it would be > problematic, as LDAP makes atomic object updates and Kerberos contains its > data in single objects. > > For other backends I don’t know — maybe a transition to LDAP first, but I > don’t know if that’s documented anywhere. > > Does this help? > > Cheers, > -Rick ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
