Administering the Kerberos Server
Setting Administrative Permissions
|
| Setting Administrative Permissions |
|
| Use the HP Kerberos Administrator window to assign administrative |
|
| permissions to users. When you assign administrative permissions to a |
|
| principal, the principal and its permissions are saved to |
|
| admin_acl_file located on the primary security server. |
|
| HP recommends that you add the /admin instance to a principal to |
|
| identify a principal as an administrator. The /admin instance of the user |
|
| must have a password different from the password for other instances, |
|
| thus providing additional security during administrative tasks. To |
|
| perform administrative tasks, you must log on to the HP Kerberos |
|
| Administrator with the admin principal, for instance, |
|
| user/admin@REALM. |
|
| To set administrative permission, complete the following steps: |
Step | 1. | In the HP Kerberos Administrator window, choose the Principals tab |
|
| and select the realm where the principal is located. |
Step | 2. | Click List All or Search to find the principal for which you want to |
|
| assign administrative permissions. For more information on how to |
|
| search a principal, see “Searching for a Principal” on page 149. |
Step | 3. | Click Edit to display the Principal Information window (Figure |
Step | 4. | Choose the Principal Information>Edit, and choose the Edit |
|
| Administrative Permissions option to display the Administrative |
|
| Permissions window (Figure |
Step | 5. | In the Administrative Permissions window, select the appropriate |
|
| permissions for the principal. You can assign permission for the principal |
|
| for all realms or only for the realm where the principal resides. |
|
| To enable a principal to run the remote or local administrative utility, |
|
| you must enable the Inquire About Principals option. For more |
|
| information, see “Administrative Permissions” on page 189. |
Step | 6. | Click OK to save the permissions to admin_acl_file. |
188 | Chapter 8 |