How to quickly get a snapshot of the Heimdal DB file
Henry B (Hank) Hotz, CISSP
hbhotz at oxy.edu
Sun Apr 2 21:48:50 CEST 2017
This is the one I’ve always used.
You can grep out specific entries and hand-edit them if you need to make changes not otherwise supported by the admin interface. Also you can use this method to move full-strength cross-realm keys between installations.
It’s also a great way to undo an otherwise-dangerous experiment. ;-)
> On Apr 2, 2017, at 10:44 AM, Roland C. Dowdeswell <Roland.Dowdeswell at twosigma.com> wrote:
> On Sat, Apr 01, 2017 at 04:59:56PM -0700, Adam Lewenberg wrote:
>> I am looking for a quick way to get a snapshot of the Kerberos
>> database file.
> In addition to the other methods suggested already, you could just:
> $ kadmin -l dump <file>
> which can be later loaded with:
> $ kadmin -l load <file>
> Or one could even grep the entries out that you wish to restore and pass
> them to:
> $ kadmin -l merge <file>
> if, say, you wanted to revert some entries to the dump file that you
> created using the cronjob that we all generally have in place.
> Roland C. Dowdeswell
Personal email. hbhotz at oxy.edu
More information about the Heimdal-discuss