HP UX Kerberos Data Security Software manual 81

Configuration

Add An Administrative Principal

To enable authentication, you must disable the password change requirement when you create the administrative principal account.

If you are using the kadminl_ui, go to the Attributes tab on the Principal Information Window and clear the Require Password Change checkbox. If you are using kadminl, use the mod command and set nopwchg to indicate no password change is required.

You can also disable the password change requirement by setting the NoReqChangePwd setting in the principal’s password policy file to 1.

Refer to “Administrator” on page 114, for more information on using the Administrator.

To add an administrative principal using the Remote Command-Line-Administrator

1.Run Command-Line-Administrator,kadmin

2.Add a new principal to the default realm using the following syntax:

command: add

Name of Principal to add: admin

Enter password:password

Re-enter password for verification:password

Principal added

Refer to “Manual Administration Using kadmin” on page 170, for more information on assigning administrative privileges to principals.