Passwordless access to kadmin?
Bryan K. Wright
bryan at ayesha.phys.virginia.edu
Tue Jul 17 13:38:09 EDT 2007
Great! After creating a "webapp/admin" principal and adding
its key to /etc/web.keytab, everything works. Thanks to
everyone for helping me get this working.
Bryan
Russ Allbery <rra at stanford.edu> wrote:
> "Bryan K. Wright" <bryan at ayesha.phys.virginia.edu> writes:
>> But as a side-effect of this, I can then no longer
>> get into kadmin by typing "kadmin -p root/admin" and supplying
>> a password. If I try, kadmin tells me the password is bad.
> Yes, when you create a keytab for a principal, it randomizes the
> password.
>> What do I need to do to make both of these work?
> Don't use the same account for interactive use and for scripted use.
> Instead, create a new principal for scripted use and add it to kadm5.acl.
> --
> Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
--
========================================================================
Bryan Wright |"If you take cranberries and stew them like
Physics Department | applesauce, they taste much more like prunes
University of Virginia | than rhubarb does." -- Groucho
Charlottesville, VA 22901|
(434) 924-7218 | bryan at virginia.edu
========================================================================
More information about the Kerberos
mailing list