Support for Microsoft Set Password protocol
Nicolas.Williams at sun.com
Wed Apr 2 11:30:21 EST 2003
A change keys API will also be needed.
Inputs? A principal name, a keytab name, an optional list of enctypes
and a flag/kvno indicating whether to remove old keytab entries.
Outputs? Success/failure. Side effects? New keytab entries.
Alternatively the API should not edit a keytab but return a bunch of
keys (though each key including a principal name[*] and real name and a
kvno). Leaving it to the application to actually store the keys in a
[*] Needed for principal aliasing. See the v2 draft.
More information about the krbdev