Filter
Top Products
Administering the Kerberos Server
Setting Administrative Permissions
Chapter 8188
Setting Administrative Permissions
Use the HP Kerberos Administrator window to assign administrative
permissions to users. When you assign administrative permissions to a
principal, the principal and its permissions are saved to
admin_acl_file located on the primary security server.
HP recommends that you add the /admin instance to a principal to
identify a principal as an administrator. The /admin instance of the user
must have a password different from the password for other instances,
thus providing additional security during administrative tasks. To
perform administrative tasks, you must log on to the HP Kerberos
Administrator with the admin principal, for instance,
user/admin@REALM.
To set administrative permission, complete the following steps:
Step 1. In the HP Kerberos Administrator window, choose the Principals tab
and select the realm where the principal is located.
Step 2. Click List All or Search to find the principal for which you want to
assign administrative permissions. For more information on how to
search a principal, see “Searching for a Principal” on page 149.
Step 3. Click Edit to display the Principal Information window (Figure 8-2).
Step 4. Choose the Principal Information>Edit, and choose the Edit
Administrative Permissions option to display the Administrative
Permissions window (Figure 8-11).
Step 5. In the Administrative Permissions window, select the appropriate
permissions for the principal. You can assign permission for the principal
for all realms or only for the realm where the principal resides.
To enable a principal to run the remote or local administrative utility,
you must enable the Inquire About Principals option. For more
information, see “Administrative Permissions” on page 189.
Step 6. Click OK to save the permissions to admin_acl_file.