How to quickly get a snapshot of the Heimdal DB file

Adam Lewenberg adamhl at stanford.edu
Sun Apr 2 16:37:23 CEST 2017



On 4/1/2017 5:52 PM, Nico Williams wrote:
> On Sat, Apr 01, 2017 at 04:59:56PM -0700, Adam Lewenberg wrote:
>> I am looking for a quick way to get a snapshot of the Kerberos database
>> file.
>>
>> The most obvious way to do this would be to shutdown the kerberos service,
>> copy the file, and restart the service. This could be done on one of the
>> replicas, perhaps one that does not get actual authentication requests.
>
> You can use the lock sub-command of kadmin -l, copy the HDB, and then
> unlock.

I don't see that command in the man page. Is that a new command (we are 
still running Heimdal 1.5.2)?

Adam Lewenberg

>
> You could also setup a hidden slave on the same host as the master, then
> stop that ipropd-slave to take a snapshot of its HDB.
>
> Nico
>



More information about the Heimdal-discuss mailing list