allows the Kerberos key distribution center (KDC) database administrator to perform utility functions on the database.

The operation must be one of the following:

load

initializes the KDC database with the records described by the text contained in the file filename . Any existing database is overwritten.

dump

dumps the KDC database into a text representation in the file filename .

slave_dump

performs a database dump like the dump operation, and additionally creates a semaphore file signalling the propagation software that an update is available for distribution to slave KDC databases.

merge

merges in the entries from filename into the database.

new_master_key

prompts for the old and new master key strings, and then dumps the KDC database into a text representation in the file filename . The keys in the text representation are encrypted in the new master key.

convert_old_db

prompts for the master key string, and then dumps the KDC database into a text representation in the file filename . The existing database is assumed to be encrypted using the old format (encrypted by the key schedule of the master key); the dumped database is encrypted using the new format (encrypted directly with master key).

verify_master_key: Invalid master key, does not match database.

The master key string entered was incorrect.

/var/kerberos/principal.pag Ns No , /var/kerberos/principal.dir

DBM files containing database

filename Ns .ok

semaphore file created by slave_dump .