Filter
Top Products
Configuring the Primary and Secondary Security Server
Configuring the Primary Security Server
Chapter 7 97
If you are using Kerberos server v2.0 or v3.0, and want to migrate the
principal database to Kerberos server v3.1, see Chapter 3, “Migrating to
a Newer Version of the Kerberos Server,” on page 41.
Add an Administrative Principal
Use the HP Kerberos Administrator (kadminl_ui) instead of the
command-line administrator (kadminl) to add the principal account. For
more information on using the HP Kerberos Administrator and the
command-line administrator, see “The kadmin and kadminl Utilities” on
page 130.
Though it is possible to use the kadmin option to create an
administrative principal, you cannot use kadmin to assign
administrative privileges. If you want to use the kadmin utilities to
manage your administrative principals, use a text editor to add the
required entries to the file.
NOTE You must log on as a root user, on the primary security server, to add an
administrative principal.
For the first administrative principal, HP recommends that you assign
all permissions, indicated by * in admin_acl_file. For more
information, see “The admin_acl_file File” on page 113.
You can add an administrative principal through the HP Kerberos
Administrator GUI, or through the command-line interface.
To add an Administrative Principal Using the HP Kerberos
Administrator
Following steps show you how to add an administrative principal using
the HP Kerberos Administrator:
Step 1. Invoke the HP Kerberos Administrator using the command kadminl_ui.
Step 2. Add a new principal to the default realm using the following syntax:
# identifier/admin@DEFAULT_REALM
Step 3. Assign the password.