Creating a principal using the kadmin C API
Greg Hudson
ghudson at mit.edu
Fri Apr 8 00:35:29 EDT 2022
On 4/7/22 16:19, Lars Francke wrote:
> We tried to use kadm5_create_principal_3 and kadm5_randkey_principal_3 but
> we seem to be running into an issue. Ideally we'd like to call this
> function with a handle (+ context) with an in-memory krb5.conf but that
> does not seem to work so we create the files and refer to them in the
> profile but kadmin still seems to load (is this related to the
> "alt_profile"?) a file from a default location which means it'll use the
> wrong connection details.
krb5_init_context_profile() lets you supply a profile object. If this
is created with profile_init_path(), the application should be able to
strictly control which file is used.
It is possible to create an in-memory profile with
profile_init_vtable(). Perhaps it would be nicer if one could create an
empty in-memory profile object and populate it with
profile_add_relation(), but that is not currently implemented.
More information about the Kerberos
mailing list