i'm replacing the NIS with LDAP and Kerberos, the question is , is there any way to automate the creation of the principals? do i have to add a pricipal for each user in my current system or there is a tool (like ldap migration) that can do that?
thanks a lot
The pam module you may be interested in is pam_krb5_migrate, you may also want to take alook at nis to ldap scripts.Youll need to use the scripts then manualy go through each user pointing the password field to kerberos as well as inputing the kerberos user name.
Then onece ye done that use pam_krb5_module on all the clients to migrate NIS passwords to kerberos. When the user logs on there credentials will be added to the kerberos relm. retire NIS once all accounts have been transferd