You can run both services in parallel, but users who change their passwords while both systems are active will only affect one database and not the other.Do I need to switch from kaserver to kerberos 5 in one go or can I use both for some time and the clients take the one they best fit in?
It would be far better to run 'fakeka' (which is included in the debian krb5-kdc package) to provide kaserver services (authentication, but not password changes or other 'read-write' operations) using the kerberos 5 authentication database.
p7sq8lnbxqvPW.p7s
Description: S/MIME cryptographic signature