Configuring the Primary and Secondary Security Server
Configuring the Primary Security Server
Step | 4. | Use the Edit>Edit Administrative Permissions menu to assign ALL |
|
| administrative permissions to the principal. |
Step | 5. | On the Attributes tab, clear the Require Password Change checkbox |
|
| to disable the password change requirement. |
|
| You can also disable the password change requirement by setting the |
|
| NoReqChangePwd setting in the principal’s password policy file to 1. |
|
|
|
NOTE |
| By default, the principal account requires a password change at the first |
|
| logon. However, kadmin does not permit password changes, unless you |
|
| have explicit permissions to change your password. |
|
|
|
Step | 6. | Save your changes and close the HP Kerberos Administrator. |
|
| For more information on using the HP Kerberos Administrator, see “HP |
|
| |
|
| To Add an Administrative Principal Through the Command Line |
|
| Following steps show how to add an administrative principal through the |
|
| |
Step | 1. | Run the kadmin |
Step | 2. | Add a new principal to the default realm using the following syntax: |
|
| command: add |
|
| Name of Principal to add: admin |
Enter password:password
Enter policy name (Press enter key to apply default policy): Principal added
For more information on assigning administrative privileges to principals, see “Manual Administration Using kadmin” on page 202.
Create the host/<fqdn> Principal and Extracting the Service KeyTo allow principal database propagation, the primary security server must have a host/<fqdn> principal and the service key for this principal must be extracted to the service key table file of the server.
98 | Chapter 7 |