Re: heimdal -> MIT kdc migration Was: August 2025 stabilization week

Reply: Cy Schubert : "Re: heimdal -> MIT kdc migration Was: August 2025 stabilization week"
In reply to: Gleb Smirnoff : "heimdal -> MIT kdc migration Was: August 2025 stabilization week"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Rick Macklem <rick.macklem_at_gmail.com>
Date: Tue, 26 Aug 2025 16:56:10 UTC

On Tue, Aug 26, 2025 at 8:31 AM Gleb Smirnoff <glebius@freebsd.org> wrote:
>
> On Tue, Aug 26, 2025 at 08:13:26AM -0700, Rick Macklem wrote:
> R> Ok. If you install FreeBSD-13.5 and then "pkg install heimdal", you get a
> R> working Heimdal-7.8 in ports.
> R>
> R> Now, I have another challenge. Fixing the master passwords.
> R> I'll work on it later to-day.
Ok, I finally got the database to move over, (using Heimdal-7.8) but
the passwords didn't work.
kinit would complain that the password was wrong before it even prompted
for the password.

Doing a change_password in kadmin.local made it work, but changing
everyone's password would be a pain.

rick

>
> I have applied two commits from Heimdal from 2012 that add 'kadmin dump -f MIT'
> feature to our base heimdal and polished them to compile.  So far it doesn't
> work yet, either create an empty dump or create a core dump, instead of
> database dump :) I'll see how difficult it is going to further resolve that to
> a working condition. If I succeed, then having 'dump -f MIT' in base without
> any ports would be the best solution.  Can also be merged to FreeBSD 14.4.
>
> --
> Gleb Smirnoff