The Kerberos database is the backbone of Kerberos and must be maintained properly. This section provides some procedures for administering the Kerberos database, such as backing up and restoring the database, setting up incremental or parallel propagation, and administering the stash file. The steps to initially set up the database are in MIT Kerberos Installation Guide.
If your KDC database was created on a server that was running an old release, converting the database enables you to take advantage of the improved database format.
Before You Begin
Use this procedure only if the database is using an older format.
On the KDC master, you must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.
kdc1# svcadm disable network/security/krb5kdc kdc1# svcadm disable network/security/kadmin
kdc1# mkdir /var/krb5/tmp kdc1# chmod 700 /var/krb5/tmp
kdc1# kdb5_util dump /var/krb5/tmp/prdb.txt
kdc1# cd /var/krb5 kdc1# mv princ* tmp/
kdc1# kdb5_util load /var/krb5/tmp/prdb.txt
kdc1# svcadm enable -r network/security/krb5kdc kdc1# svcadm enable -r network/security/kadmin