The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

kadmind (8)
  • kadmind (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • >> kadmind (8) ( FreeBSD man: Команды системного администрирования )

    • BSD mandoc
    HEIMDAL  

    NAME

    kadmind

 - server for administrative access to Kerberos database

 

    SYNOPSIS

    [-c file --config-file= file ] [-k file --key-file= file ] [--keytab= keytab ] [-r realm --realm= realm ] [-d | --debug ] [-p port --ports= port ] [--no-kerberos4 ]  

    DESCRIPTION

    listens for requests for changes to the Kerberos database and performs these, subject to permissions. When starting, if stdin is a socket it assumes that it has been started by inetd(8), otherwise it behaves as a daemon, forking processes for each new connection. The --debug option causes to accept exactly one connection, which is useful for debugging.

    If built with krb4 support, it implements both the Heimdal Kerberos 5 administrative protocol and the Kerberos 4 protocol. Password changes via the Kerberos 4 protocol are also performed by kadmind but the kpasswdd(8) daemon is responsible for the Kerberos 5 password changing protocol (used by kpasswd(1))

    This daemon should only be run on the master server, and not on any slaves.

    Principals are always allowed to change their own password and list their own principal. Apart from that, doing any operation requires permission explicitly added in the ACL file /var/heimdal/kadmind.acl The format of this file is: principal rights [principal-pattern ]

    Where rights is any (comma separated) combination of:

    And the optional principal-pattern restricts the rights to operations on principals that match the glob-style pattern.

    Supported options:

    -c file --config-file= file
    location of config file
    -k file --key-file= file
    location of master key file
    --keytab= keytab
    what keytab to use
    -r realm --realm= realm
    realm to use
    -d --debug
    enable debugging
    -p port --ports= port
    ports to listen to. By default, if run as a daemon, it listens to ports 749, and 751 (if Kerberos 4 support is built and enabled), but you can add any number of ports with this option. The port string is a whitespace separated list of port specifications, with the special string ``+'' representing the default set of ports.
    --no-kerberos4
    make ignore Kerberos 4 kadmin requests.

     

    FILES

    /var/heimdal/kadmind.acl  

    EXAMPLES

    This will cause to listen to port 4711 in addition to any compiled in defaults:

    This acl file will grant Joe all rights, and allow Mallory to view and add host principals. 

    joe/admin@EXAMPLE.COM      all
mallory/admin@EXAMPLE.COM  add,get  host/*@EXAMPLE.COM
     

    SEE ALSO

    kpasswd(1), kadmin(8), kdc(8), kpasswdd(8)

     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    FILES
    EXAMPLES
    SEE ALSO

    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей     		Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру