Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Kerberos Server Version 3.12 Administrator's Guide: HP-UX 11i v3 > Chapter 8 Administering the Kerberos Server

The kadmin and kadminl Utilities
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

The kadmin and kadminl Kerberos command-line administrative utilities provide a unified administration interface for the Kerberos database. Kerberos administrators use these utilities to create new users and services for the primary database, and to modify information for the existing entries in the database. You can use these utilities to maintain the Kerberos principals and service key tables (v5srvtab).

The kadmin utility is the remote Kerberos client. It resides on the secondary security servers and client systems. The kadminl utility is the local client; it resides on the primary security server and is intended for use by individuals with root access privileges. You can use kadmin to remotely maintain the database on the primary security server from the local workstation.

Alternatively, you can also use the GUI administrative utility kadmin_ui for remote administration and kadminl_ui for local administration.

Before you log on to the remote administrator from a secondary security server or use a client, add the administrative principal to the database on the primary security server.

To log on to the remote administrator, kadmin, use a principal account that has an entry in admin_acl_file. For complete access to all functions, use an unrestricted administrative principal account with the * permission in admin_acl_file. The account must have at least the inquire privileges. For more information on administrative permissions, see “The admin_acl_file File”.

For more information on the kadmin option, type man 1 kadmin at the HP-UX prompt.

Administration Utilities

Table 8-4 “Administration Utilities” describes the administrative utilities that you can use to administer the Kerberos database.

Table 8-4 Administration Utilities

Name

Description
kadminl_uiThe local graphical interface that runs on the primary security server.
kadminlThe local command-line administrator that runs on the primary security server.
kadmin_uiThe remote GUI that can only be run by administrative principals with the required permissions. It runs on all secondary security servers and any client system where the utility is installed.
kadmin

The remote command-line administrator that can only be run by administrative principals with the required permissions. It runs on all secondary security servers and on any client system where the utility is installed.

krb5_encrypt

The krb5_encrypt tool encrypts the password with the master key that is located in the stash file.

 

NOTE: You cannot use the command-line administrator to control administrative permissions, maximum ticket lifetimes and renew times or the addition of new realms. Therefore, HP recommends that you use the GUI administrative utility for all administrative purposes.


Principals
  		 


HP Kerberos Administrator  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2007 Hewlett-Packard Development Company, L.P.