--- HOWTO.orig	2021-03-08 06:36:31.408220869 -0500
+++ HOWTO.md	2021-03-08 06:44:26.483900189 -0500
@@ -93,7 +93,7 @@
      # Primary daemon configuration
      PrimaryHost        =   "mngt" ;
      PrimaryPort        =   12345 ;
-     PrimaryPrincipal   =   "host/mngt.realm.a/REALM.A";
+     PrimaryPrincipal   =   "host/mngt.realm.a@REALM.A";
      # Enable/Disable NAT traversal support (yes/no)
      # this value must be the same on every nodes
      NAT                =   yes ;
@@ -138,17 +138,17 @@
 
     # cat /etc/auks/auksd.acl
     rule {
-            principal = ^host/mngt.realm.a/REALM.A$ ;
+            principal = ^host/mngt.realm.a@REALM.A$ ;
             host = * ;
             role = admin ;
     }
     rule {
-            principal = ^host/compute.realm.a/REALM.A$ ;
+            principal = ^host/compute.realm.a@REALM.A$ ;
             host = * ;
             role = admin ;
     }
     rule {
-            principal = ^[[:alnum:]]*/REALM.A$ ;
+            principal = ^[[:alnum:]]*@REALM.A$ ;
             host = * ;
             role = user ;
     }
@@ -169,7 +169,7 @@
      # Primary daemon configuration
      PrimaryHost        =   "mngt" ;
      PrimaryPort        =   12345 ;
-     PrimaryPrincipal   =   "host/mngt.realm.a/REALM.A";
+     PrimaryPrincipal   =   "host/mngt.realm.a@REALM.A";
      # Enable/Disable NAT traversal support (yes/no)
      # this value must be the same on every nodes
      NAT                =   yes ;
@@ -203,7 +203,7 @@
 	An empty file lets the aukspriv service act with default value that
 	correspond to doing a kinit using /etc/krb5.keytab periodically and store
 	the result in the root credential cache. This is the intended behavior
-	for ou scenario.
+	for our scenario.
 
       - component starts and tests
 
@@ -258,7 +258,7 @@
      # Primary daemon configuration
      PrimaryHost        =   "mngt" ;
      PrimaryPort        =   12345 ;
-     PrimaryPrincipal   =   "host/mngt.realm.a/REALM.A";
+     PrimaryPrincipal   =   "host/mngt.realm.a@REALM.A";
      # Enable/Disable NAT traversal support (yes/no)
      # this value must be the same on every nodes
      NAT                =   yes ;
@@ -348,7 +348,7 @@
      # Primary daemon configuration
      PrimaryHost        =   "mngt" ;
      PrimaryPort        =   12345 ;
-     PrimaryPrincipal   =   "host/mngt.realm.a/REALM.A";
+     PrimaryPrincipal   =   "host/mngt.realm.a@REALM.A";
      # Enable/Disable NAT traversal support (yes/no)
      # this value must be the same on every nodes
      NAT                =   yes ;
@@ -390,7 +390,7 @@
 	An empty file lets the aukspriv service act with default value that
 	correspond to doing a kinit using /etc/krb5.keytab periodically and store
 	the result in the root credential cache. This is the intended behavior
-	for ou scenario.
+	for our scenario.
 
       - component starts and tests