require full path (not bare file) for perl scripts It is considered a security flaw to rely on current workingdir, and recent versions of perl therefore need ./ prefix to explicitly state when ok to load from same dir
comply with Kerberos schema (not deprecated krb-kdc schema) migrate_passwd.pl generates ldif with incompatible kerberos attributes according to related kerberos schema from package krb5-kdc-ldap. Ldif import will fail, due to invalid objectclass combination and invalid kerberos attribute krb5PrincipalName. . migrate_passwd.pl should use "auxiliary" objectClass krbPrincipalAux instead of krb5Principal and attribute krbPrincipalName instead of krb5PrincipalName.
