Simo Sorce simo at redhat.com
Wed Sep 18 02:45:11 EDT 2013

On Wed, 2013-09-18 at 09:19 +0330, Mahmoud wrote:
> Hello,
> When I use kadmin for management (e.g. add user) get privilege error, but I
> can use FreeIPA Web interface to add user.
> The kadm5.acl contains "*/admin at realm_name   * " rule. There exists
> multiple kdc.conf files. the kdc.conf file in the director related to
> kadm5.acl (/var/kerberos/krb5kdc/), is well configured.
> Could you help me please?

Hi Mahmoud,
FreeIPa explicitly disallow user creation via kadmin, as the tool
wouldn't be able to create a fully functional user or service object,
they would miss a lot of attributes that are added by our framework

I rather suggest you install the admintools package and use the 'ipa'
command to manage users, hosts, services, etc...


Simo Sorce * Red Hat, Inc * New York

More information about the krbdev mailing list