Node:Restoring a Kerberos Database from a Dump File, Next:, Previous:Dumping a Kerberos Database to a File, Up:Global Operations on the Kerberos Database



Restoring a Kerberos Database from a Dump File

To restore a Kerberos database dump from a file, use the kdb5_util load command on one of the KDCs. The syntax is:

     kdb5_util load [-old] [-b6] [-b7] [-ov] [-verbose]
     [-update] [-hash] dumpfilename dbname [admin_dbname]
     

The kdb5_util load command takes the following options:

-old
requires the dump to be in the Kerberos 5 Beta 5 and earlier dump format ("kdb5_edit load_dump version 2.0").
-b6
requires the dump to be in the Kerberos 5 Beta 6 format ("kdb5_edit load_dump version 3.0").
-b7
requires the dump to be in the Kerberos 5 Beta 7 format ("kdb5_edit load_dump version 4").
-ov
requires the dump to be in ovsec_adm_export format.
-verbose
causes the name of each principal and policy to be printed as it is loaded.
-update
causes records from the dump file to be updated in or added to the existing database. This is useful in conjunction with an ovsec_adm_export format dump if you want to preserve per-principal policy information, since the current default format does not contain this data.
-hash
causes the database to be stored as a hash rather than a binary tree.

For example:

     shell% kdb5_util load dumpfile principal
     shell%
     
     shell% kdb5_util load -update dumpfile principal
     shell%
     

If the database file exists, and the -update flag was not given, kdb5_util will overwrite the existing database.