Filter
Top Products
Administering the Kerberos Server
Manual Administration Using kadmin
Chapter 8208
[principal] Specifies an alternate principal to extract other than
the default host/fqdn@REALM principal, for example,
ext finance@BAMBI.COM
After ext executes, it prompts you for the service key table file name.
The default file name is /krb5/v5srvtab.
Listing the Attributes of a Principal
The inq command lists the attributes of the principal, if it exists. The
kadmin utility displays the following message if the principal does not
exist in the database:
Principal does not exist
The general syntax for listing the attributes of the principal is as follows:
command: inq
For example, to list the attributes of the principal admin, type kadmin at
the HP-UX prompt, and specify the inq command and the name of the
principal. Following is a sample output for the inq command:
command: inq
Name of Principal: admin
Modifying a Principal
To modify attributes of a principal in the database, use the kadmin mod
command. In addition to the name of the principal, you must also specify
the type of parameter.
You can modify the following parameters:
attr Specifies properties associated with the principal.
fcnt Specifies the number of failed authentication attempts
allowed for a principal. The number must be an integer
between 0 and 255.
vno Specifies the key version number. The number must be
an integer between 0 and 255. When you create a
principal, its key version number (vno) is 1 and the
version number automatically increments by one each
time the key is changed.