|
Home
Search all pages
Subjects
By activity
Professions, Sciences, Humanities, Business, ...
User Interface
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...
Text Strings
Conversions, tests, processing, manipulation,...
Math
Integer, Floating point, Matrix, Statistics, Boolean, ...
Processing
Algorithms, Memory, Process control, Debugging, ...
Stored Data
Data storage, Integrity, Encryption, Compression, ...
Communications
Networks, protocols, Interprocess, Remote, Client Server, ...
Hard World
Timing, Calendar and Clock, Audio, Video, Printer, Controls...
File System
Management, Filtering, File & Directory access, Viewers, ...
|
|
|
RocketLink!--> Man page versions:
OpenBSD
KADMIND(8) KADMIND(8)
NAME
kadmind - Kerberos database administration daemon
SYNOPSIS
kadmind [ -n ] [ -h ] [ -r realm ] [ -f filename ] [ -d
dbname ] [ -a acldir ]
DESCRIPTION
kadmind is the network database server for the Kerberos
password-changing and administration tools.
Upon execution, it prompts the user to enter the master
key string for the database.
If the -n option is specified, the master key is instead
fetched from the master key cache file.
If the -r realm option is specified, the admin server will
pretend that its local realm is realm instead of the
actual local realm of the host it is running on. This
makes it possible to run a server for a foreign kerberos
realm.
If the -f filename option is specified, then that file is
used to hold the log information instead of the default.
If the -d dbname option is specified, then that file is
used as the database name instead of the default.
If the -a acldir option is specified, then acldir is used
as the directory in which to search for access control
lists instead of the default.
If the -h option is specified, kadmind prints out a short
summary of the permissible control arguments, and then
exits.
When performing requests on behalf of clients, kadmind
checks access control lists (ACLs) to determine the autho-
rization of the client to perform the requested action.
Currently three distinct access types are supported:
Addition (.add ACL file). If a principal is on this
list, it may add new principals to the database.
Retrieval (.get ACL file). If a principal is on this
list, it may retrieve database entries. NOTE:
A principal's private key is never returned by
the get functions.
Modification
(.mod ACL file). If a principal is on this
list, it may modify entries in the database.
MIT Project Athena Kerberos Version 4.0 1
KADMIND(8) KADMIND(8)
A principal is always granted authorization to change its
own password.
FILES
/var/log/admin_server.log
Default log file.
/etc/kerberosIV Default access control list directory.
admin_acl.{add,get,mod}
Access control list files (within the
directory)
/etc/kerberosIV/principal.pag, /etc/kerberosIV/princi-
pal.dir
Default DBM files containing database
/etc/kerberosIV/master_key
Master key cache file.
SEE ALSO
kerberos(1), kpasswd(1), kadmin(8), acl_check(3)
AUTHORS
Douglas A. Church, MIT Project Athena
John T. Kohl, Project Athena/Digital Equipment Corporation
MIT Project Athena Kerberos Version 4.0 2
Source: OpenBSD 2.6 man pages. Copyright: Portions are copyrighted by BERKELEY
SOFTWARE DESIGN, INC., The Regents of the University of California, Massachusetts
Institute of Technology, Free Software Foundation, FreeBSD Inc., and others. |
(Corrections, notes, and links courtesy of RocketAware.com)
![[Detailed Topics]](/inbndsm.gif)
FreeBSD Sources for kadmind(8)
OpenBSD sources for kadmind(8)
![[Overview Topics]](/outbndsm.gif)
Up to: Kerberos authentication
RocketLink!--> Man page versions:
OpenBSD
Rapid-Links:
Search | About | Comments | Submit Path: RocketAware > man pages >
kadmind.8/
RocketAware.com is a service of Mib Software
Copyright 1999, Forrest J. Cavalier III. All Rights Reserved.
We welcome submissions and comments
|
