[878] in Kerberos
Re: Kerberos Difficulties
daemon@ATHENA.MIT.EDU (Tai Jin)
Thu Feb 22 15:27:49 1990
From: Tai Jin <tai@IAG.HP.COM>
To: ctt.bellcore.com!lunt@BELLCORE.BELLCORE.COM
Cc: kerberos@ATHENA.MIT.EDU
In-Reply-To: (Steve Lunt's message of 22 Feb 90 19:41:23 GMT <20243@bellcore.bellcore.com>
Do you know what is wrong here? I was able to get a ticket from the Kerberos
server (as evidenced from the output of klist), but kpasswd seems not to be
able to connect to that server. Is there some other server I need to define
somewhere?
I don't know about your kpasswd problem. I've modified kadmin to
allow users to change their passwords instead of using kpasswd.
1. The operation guide neglected to inform me that, apparently (after pouring
through source code), you need to create a "changepw" principal via kdb_edit
in order to use kpasswd. The error message caused by this was not
indicative of the problem.
The changepw principal should have been created by kdb_init.
2. There is no utility to list all entries in the Kerberos master database (a
sort of /usr/etc/kdb_list). I have written one, using kdb_edit and
kdb_util as models.
You can say "kdb_util dump file" and look at the file.
3. There is no utility to delete an entry from the Kerberos master database (a
sort of /usr/etc/kdb_del).
You can say "kdb_util dump file; edit file; kdb_util load file". I do
this in a script.
...tai
