Manualshelf

Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software
41424344454647484950
Migration
Step-wise Procedure For Migration
Chapter 346
The password of the master key can also be changed while executing the
migration tool. The tool will prompt you for a password change. If you
want to change the password, type yes at the command prompt. If you do
not want to change the password, type no at the command prompt.
NOTE The same password has to be used while creating the minimal database
for version 2.0 of the Kerberos Server, as described in Step 5.
The Policy information is available in /opt/krb5/polv2 and the logs will
be available in /tmp/kdb_migrate.log directory.
Step 5. Configure the Kerberos Server V 2.0
This can either be done manually or by using the krbsetup tool.
The following values need to be the same in both the versions of the
Kerberos Server:
realm name
master key name
The master key password should be identical to the one that was used in
version 1.0. This is applicable if you have not opted to change the
password, as mentioned in Step 4. If you have changed the password, the
same new password has to be used while creating the Kerberos Server
version 2.0 database.
If the -e option is used to change the master key encryption type from
version 1.0 to version 2.0, in Step 4, then the same new encryption type
has to be used for the master key while creating the database in version
2.0.
If the -e option is not specified, in Step 4, then the encryption type with
which the version 2.0 database is created should be the same as the one
specified while creating the version 1.0 database. Refer to the kdc.conf
manpage, master_key_entry, for more details.
# krbsetup
This is an interactive tool that will prompt you for the required
parameters. Refer to the krbsetup (1M) manpage or
Auto-Configuration of the Security Server” on page 64, for more details.