simo at redhat.com
Wed Sep 18 02:45:11 EDT 2013
On Wed, 2013-09-18 at 09:19 +0330, Mahmoud wrote:
> When I use kadmin for management (e.g. add user) get privilege error, but I
> can use FreeIPA Web interface to add user.
> The kadm5.acl contains "*/admin at realm_name * " rule. There exists
> multiple kdc.conf files. the kdc.conf file in the director related to
> kadm5.acl (/var/kerberos/krb5kdc/), is well configured.
> Could you help me please?
FreeIPa explicitly disallow user creation via kadmin, as the tool
wouldn't be able to create a fully functional user or service object,
they would miss a lot of attributes that are added by our framework
I rather suggest you install the admintools package and use the 'ipa'
command to manage users, hosts, services, etc...
Simo Sorce * Red Hat, Inc * New York
More information about the krbdev