[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to use kadmind
Leif Johansson <firstname.lastname@example.org> writes:
> However, I am at a loss as to what I have to do to get kadmin to
> work; in mit k5 (or so I have heard ;-) there are acl files
> controlling who has the right to do what in kadmin and there is a
> special keytab-file used with kadmind.
Extract the kadmin/admin key from your database and put it in a keytab
someplace. If that keytab isn't /etc/krb5.keytab, you'll have to use
the --keytab option with kadmind.
In the acl-file (normally /var/heimdal/kadmind.acl) you put whoever
you want to access the administration server:
where flags is some combination of `change-password' (or `cpw'),
`list', `delete', `modify', `add', `get', or `all'. Some examples: