Andrew Deason <[email protected]> writes: > For Kerberos, if you're using about MIT or Heimdal, this may be > difficult, since usually the keys for user principals are all salted > with the realm name. In the past I believe doing this was considered > impossible to do with existing code, but maybe things have improved. > This is more appropriate for the relevant Kerberos list, but someone may > respond here further anyway.
Heimdal at least can indicate the salt that's used in the database entry, and I believe that makes realm renaming work properly without changing the keys. However, I can't find any documentation of exactly how to do it. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
