[6976] in Kerberos
Re: a few EASY questions, for once :)
daemon@ATHENA.MIT.EDU (Forrest J. Fisher)
Mon Apr 1 17:46:43 1996
Date: Mon, 1 Apr 1996 14:23:05 -0800 (PST)
From: "Forrest J. Fisher" <forrestf@destiny.esd105.wednet.edu>
To: sysop@megahits.com
Cc: kerberos@MIT.EDU
In-Reply-To: <1.5.4b13.32.19960401154319.002c637c@megahits.com>
On Mon, 1 Apr 1996 sysop@megahits.com wrote:
> a few relatively simple questions. (the setup is CNS V4 on linux 1.2.13)
>
> After running and quitting the kadmin program, it leaves behind "residue" in
> the form of a line which can be found by doing a ps -aux, looking very
> similar to this:
> --
> root 4968 0.0 0.0 173 0 ? Z Mar 30 0:00 (kadmind) <zombie>
> --
> Over time, and after using kadmin on a fairly consistent basis, these zombie
> processes start to pile up. Is there any way to get rid of them, or ensure
> that they don't exist to begin with?
>
I have no idea, haven't had that problem.
> also - is there a way to get a list of all the people we have "ank'd" with
> kadmin?
>
Yes,
Look for a program called "kdb_util", it's probably in an area like:
/usr/local/kerberos/etc
Then, give the command: kdb_util dump test
This will "dump" the entire contents of your database into a text file
called "test". Then use any text editor to view or edit this file. This
is the only way to remove users BTW. By deleting the entire line for a
user, that person will be removed from the database. Save the file.
Then, use the command: kdb_util load test
This will return the updated "test" file back into the database. That
should do it. If you didn't change the "test file, there is no need to
"load" it back in. But, you probably should delete the test file for
security reasons.
> last but not least - we are an ISP using kerberos to authenticate modem
> access requests over frame relays via a xyplex terminal server - is there a
> way to list who is online at the current time? Or rather, who is using the
> system, much like a unix "who" command?
>
In order to do this you need to telnet to your xyplex box, probably into
port 2000, maybe port 23. Once connected and at the xyplex prompt, you
can give the "who" command and see who is online. But you can do this
whether you are running kerberos or not.
I hope this helps!
Forrest J. Fisher :-{)
Director, Educational Technology Support Center
Educational Service District 105 - 33 South 2nd Avenue
Yakima, Washington 98902 (509) 454-3134
Out of the computer, down the Ethernet, through the Hub, over to the
router, down the T1, past the firewall.... nothin' but Net.
