KRB5_KDB_NEW_PRINC

[Matt Crawford]

I was casting about for a means to solve my next problem (allowing
the next-gen personnel database monster to allocate new user
principals, but do nothing else) when I stumbled across this in
include/krb5/ChangeLog

Fri Nov 03 04:37:56 1995   Chris Provenzano (proven at mit.edu)

        * adm.h : Constant changes for the new kadmin code.
        * kdb.h : Added attribute bit KRB5_KDB_NEW_PRINC. This will 
                allow kadmin administrators with add acls to modify a
                principal until this bit is cleared. 

KRB5_KDB_NEW_PRINC doesn't seem to have gone anywhere (or else it
faded away), but it seems like just the thing I need.  Please fail to
kill it off in future releases.

(I'll just add it to lib/kadm5/str_conv.c and do one or two other
little things and I'll be off and running ...)