[1180] in Kerberos_V5_Development
Re: kadm5 (ovsec_kadm) api, version 2
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Wed May 15 14:10:52 1996
Date: Wed, 15 May 1996 14:08:14 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: jik@annex-1-slip-jik.cam.ov.com
Cc: krbdev@MIT.EDU, secure@cam.ov.com
In-Reply-To: <199605151758.RAA25990@jik.israel.net> (message from Jonathan Kamens on Wed, 15 May 1996 17:58:00 GMT)
What does ovsec_kadm_flush do?
ovsec_kadm_flush flushes all outstanding databases changes to disk;
basically it closes and re-opens the databases. The current OV server
violates abstraction barriers by calling the krb5_db and adb_close
functions directly which is no longer possible in krb5.5+. I had to
write this function to get the admin server to work in krb5.5+.
One of the big features we dropped from the first version of the API
was retrieving lists of users, preferably using some sort of
wildcarding.
I implemented this before leaving OV (ovsec_kadm_get_principals,
ovsec_kadm_get_policies). The CLI (which OV ships as secure_admin_cli
in the unsupported directory) provides it; the GUI did not when I
left, I don't know if the new Authenticate/SecureMax GUI does.
Barry
