Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Kerberos Server Version 3.12 Administrator's Guide: HP-UX 11i v3 > Chapter 8 Administering the Kerberos Server

Creating an Administrative Principal
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

You can use the HP Kerberos Administrator window to create an administrative principal. When you create a principal and assign the administrative permissions to it, the principal is stored in admin_acl_file located on the primary security server. For more information on admin_acl_file, see “The admin_acl_file File”.

HP recommends that you assign the /admin instance to a principal that is an administrator. Therefore, a user can have one or more of the following principal accounts:

  • One or more principals with non administrative permissions for daily authentication.

  • One principal account with the /admin instance that has administrative permissions

.

NOTE: The /admin principal of the user must have a different password than the password for other principal accounts of the user. This provides additional security during administrative tasks.

To create an administrative principal, complete the following steps:

  1. In the HP Kerberos Administrator window, select the Realm in which you want to create an administrative account.

  2. Click New to display the Principal Information window as shown in Figure 8-2 “Principal Information Window”.

  3. Enter the identifier/admin@REALM of the administrative principal in the Principal field.

  4. In the General tab, the default ticket information for the administrative principal already exists. You may change this information or retain the old values.

  5. Click Apply to display the Change Password window as shown in Figure 8-3 “Change Password Window”.

  6. Enter the password information and click OK in the Change Password window. Do not select the Generate Random Key option.

  7. In the Attributes tab, select the attributes for the administrative principal. Select the Require Preauthentication attribute if the administrative principal requires a hardware authentication device.

  8. If necessary, click Apply.

  9. Select Principal Information>Edit>Edit Administrative Permissions to display the Administrative Permissions window as shown in Figure 8-4 “Administrative Permissions Window”.

    Figure 8-4 Administrative Permissions Window

    Administrative Permissions Window

    Select the permissions for the administrative principal.

  10. Click *All to select all the permissions and click OK.

  11. Click OK to save all the values to the database and to close the Principal Information window, or click Cancel to close the Principal Information window without saving the values to the database.



Adding Principals to the Database
  		 


Searching for a Principal  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2007 Hewlett-Packard Development Company, L.P.