Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Administration
Manual Administration Using kadmin
Chapter 6170
Manual Administration Using kadmin
The Command-Line-Administrator is the program used to administer
the principal database. It allows principals with administrative
privileges to maintain the principal database using this command line
tool. Each user, client or service that is authenticated by the security
server must be included in the principal database.
There are two different versions of this program, namely,
• Local Command-Line-Administrator, kadmin
• Remote Command-Line-Administrator, kadminl
The Local Command-Line-Administrator, kadminl, is available only on
the Primary Security Server. The Remote Command-Line-Administrator,
kadmin, can be installed on Secondary Security Servers and clients to
permit remote administration of the prinicpal database.
Location
Local Administrator on the primary security server:
opt/krb5/admin/kadminl
Remote Administrator on secondary security servers and clients:
/opt/krb5/bin/kadmin
NOTE You must add the first administrative principal on the Local
Administrator, kadminl, located on the primary server before you can log
on to the Remote Command-Line-Administrator, kadmin from a
secondary server or client.
You can use the kadmin to:
• Add, modify, inquire or delete principals
• Change the password of an existing principal
• Extract a key for an existing prinicpal
• Extract service principal information to the service key table