Perl kadmin interface

Paul M Fleming pfleming at siumed.edu
Fri Aug 27 10:42:47 EDT 2004 

a create example:

	$userid is the userid to create "jsmith"

	$handle =
Authen::Krb5::Admin->init_with_password("$ADMINPRINC",$adminpass);
        $kp = Authen::Krb5::parse_name($userid) or warn
Authen::Krb5::error;
        $kap = Authen::Krb5::Admin::Principal->new or warn
Authen::Krb5::error;
        $kap->principal($kp) or warn Authen::Krb5::error;
        $kap->policy("default") or warn Authen::Krb5::error;
        $kap->pw_expiration(time()+$INITIAL_PASSWORD_LIFETIME);
        $kap->mask & KADM5_PW_EXPIRATION;
	$handle->create_principal($kap,$pass);


David Botsch wrote:
> 
> We are using it here to allow users to change their kerberos passwords
> via the web:
> 
>      # Initialization
>      my $krb5context = Authen::Krb5::init_context();
>      Authen::Krb5::init_ets();
> 
>      # Authenticate
>      my $krb5princ = Authen::Krb5::parse_name($username);     my $kadm5
> = Authen::Krb5::Admin->init_with_password($username, $oldpw);
> 
>      if (! defined($kadm5)) {
>          print "<p>Could not authenticate. Are you sure your Old
> Password was cor
> rect?</p>";
>          exit 0;
>      }
> 
>      # Change pw
>      my $errorcode = $kadm5->chpass_principal($krb5princ, $newpw);
>          if ($errorcode != 1) {
>          print "<p><b><font color=red>Something went wrong, code
> $errorcode</font
> > </b></p>";
>          exit 0;
>      }
> 
> On 2004.08.26 23:32 Jason T Hardy wrote:
> > I'm tinkering around with the Authen::Krb5::Admin Perl module but
> > stumbling when creating/deleting principals. I may be totally off:
> >
> > ...
> > $principal = Authen::Krb5::Admin::Principal::new($userName) or die
> > Authen::Krb5::Admin::error;
> > $statusmsg = $kadm5->create_principal($principal, $userPassword) or
> > die Authen::Krb5::Admin::error;
> > ...
> >
> > I've been unable to find any useful documentation on the Internet. Has
> > anyone on this list had success using this module? I'd be happy to
> > share
> > my code when finished.
> >
> > Jason
> > --
> > Jason T Hardy
> > Unix Systems Administrator
> > Office of Information Technology
> > University of Texas at Arlington
> >
> > http://www.uta.edu/linux/
> >
> > ________________________________________________
> > Kerberos mailing list           Kerberos at mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
> 
> --
> ********************************
> David William Botsch
> Consultant/Advisor II
> CCMR Computing Facility
> dwb7 at ccmr.cornell.edu
> ********************************
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

More information about the Kerberos mailing list