Administering the Kerberos Server
The kadmind CommandThe kadmind CommandThe kadmind command starts the administrative server. This administrative server runs on the Kerberos server that stores the Kerberos principal database. The kadmind command accepts password change requests and remote requests to administer the information in the Kerberos principal database.
Table
Table | Configuration Files Required for kadmind | |
|
|
|
| File Name | Description |
|
|
|
| /opt/krb5/krb.conf | This is the Kerberos configuration |
|
| file that contains configuration |
|
| information for the Kerberos server. |
|
| For more information, see “The |
|
| |
|
|
|
| /opt/krb5/krb.realms | This is the Kerberos realms file that |
|
| maps host names to their realm |
|
| names. For more information, see |
|
| |
|
|
|
| /opt/krb5/admin_acl_file | This is the access control list (ACL) |
|
| of kadmind that lists the various |
|
| principals along with their |
|
| respective permissions. For more |
|
| information, see “The admin_acl_file |
|
| |
|
|
|
| /opt/krb5/password.policy | This is the file that controls the |
|
| password policy for all the |
|
| principals. For more information, |
|
| |
|
| |
|
|
|
112 | Chapter 8 |