HP UX Kerberos Data Security Software manual 175

Administration

Manual Administration Using kadmin

[-p keytype] Defines the key type for the primary key, and extracts it to the service key table file. Supported values for keytype are 1 for DES type and 5 for 3DES type.

[-a keytype] Defines the key type for the secondary key and extracts it to the service key table file.

Supported values for keytype are 0 for no secondary key, 1 for DES and 5 for 3DES.

[principal] Specifies an alternate principal to extract other than the default host/fqdn@REALM principal.

For example, ext finance@BAMBI.COM

After ext executes, it prompts you for the service key table file name. The default file name is /krb5/v5srvtab.

List the Attributes of a Principal

The inq command lists the various attributes of the specified principal, if it does exist. If the principal is not in the database, kadmin informs you.

The general syntax for listing the various attributes of the specified principal:

command: inq

For example, to list the attributes of the principal “admin”, you would do the following:

command: inq

Name of Principal: admin

Modifying a Principal

To modify attributes of a principal in the database, use the kadmin mod command. The parameter type needs to be also specified. Given below is a list of the parameters that can be modified.

Attributes (attr) Specify properties associated with the principal. To view a list of attributes from the command line, type the following and then press ENTER:

Command: attr

Attribute (or quit): ?