Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Administration
Administrative Permissions
Chapter 6162
• Restricted administrator in both This Realm and
All Realms fields - Restricts actions on
admin_acl_file entries that belong to any realm
supported by the primary security server.
Administrative principals who have the Restricted
Administrator modifiers are not restricted from
managing principals that are not included in the
admin_acl_file.
The Restricted Administrator modifier setting does not
override the Modify Administrative Permissions
setting; that is, an administrative principal with both
the Modify Administrative Permissions and the
Restricted Administrator settings enabled can change
principal settings in the admin_acl_file, including their
own.
The Restricted Administrator modifier setting also
does not override the Edit Group Default setting; so an
administrative principal with both these settings
enabled can edit the values of the default group
principal.
Edit Group Select this box to allow the user to edit the default
Defaults values stored in the default group for the realm. Edits
to the default principal are made through the Group
Information window.
Modify Select this box to allow the user to modify
Administrative administrative permissions for other users. Changes
Permissions are made on the Administrative Permissions
window.
All button The Administrative Permissions window features two
All buttons,
• one for the designated principal in all realms
• the other for the designated principal in the
specified realm
Click either button, respectively, to assign all
administrative permissions for the principal in all
realms or this realm only.