Administering the Kerberos Server
The kadmin and kadminl UtilitiesThe kadmin and kadminl UtilitiesThe kadmin and kadminl Kerberos
The kadmin utility is the remote Kerberos client. It resides on the secondary security servers and client systems. The kadminl utility is the local client; it resides on the primary security server and is intended for use by individuals with root access privileges. You can use kadmin to remotely maintain the database on the primary security server from the local workstation.
Alternatively, you can also use the GUI administrative utility kadmin_ui for remote administration and kadminl_ui for local administration.
Before you log on to the remote administrator from a secondary security server or use a client, add the administrative principal to the database on the primary security server.
To log on to the remote administrator, kadmin, use a principal account that has an entry in admin_acl_file. For complete access to all functions, use an unrestricted administrative principal account with the
*permission in admin_acl_file. The account must have at least the inquire privileges. For more information on administrative permissions, see “The admin_acl_file File” on page 113.
For more information on the kadmin option, type man 1 kadmin at the
130 | Chapter 8 |