kadmin-remctl 2.3 released

Russ Allbery rra at stanford.edu
Thu Jan 8 00:12:44 EST 2009 

I'm pleased to announce release 2.3 of kadmin-remctl.

kadmin-remctl provides a remctl backend that implements basic Kerberos
account administration functions (create, delete, enable, disable, reset
password, examine) plus user password changes and a call to strength-check
a given password.  It can also provide similar management of instances and
creation, deletion, and management of accounts in MIT Kerberos, Active
Directory, and an AFS kaserver where appropriate.  Also included is a
client for privileged users to use for password resets.  Many of the
defaults and namespace checks are Stanford-specific, but it can be
modified for other sites.

Changes from previous release:

    Properly add support for examining principals with instances we don't
    manage.  Previous versions were supposed to support this but didn't
    due to a bug in argument passing.

    Improve the conversion of Kerberos v5 principal names to Kerberos v4
    principal names for examine against an AFS kaserver, although it's
    still not as good as calling the Kerberos library routine would be.

    Attempt to determine if the library directory for remctl (and the
    directory for Kerberos and GSS-API libraries if krb5-config isn't
    found) is lib32 or lib64 instead of lib and set LDFLAGS accordingly.
    Based on an idea from the CMU Autoconf macros.

    Add --with-remctl-include, --with-remctl-lib, --with-gssapi-include,
    --with-gssapi-lib, --with-krb5-include, and --with-krb5-lib configure
    options to allow more specific setting of paths if necessary.

    Check at configure time that we can link with the remctl library we
    found.

You can download it from:

    <http://www.eyrie.org/~eagle/software/kadmin-remctl/>

This package is maintained using Git; see the instructions on the above
page to access the Git repository.

Please let me know of any problems or feature requests not already listed
in the TODO file.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

More information about the Kerberos mailing list