One catch: I can't rename your kerberos principals [*], and I don't
want to know your passwords (in order to create new principals). So,
adamc/docelic/mwolson, could you please:
ssh -p 2222 [EMAIL PROTECTED]
sudo kadmin.local
ank -policy admin [EMAIL PROTECTED]
<type password>
delprinc myname/[EMAIL PROTECTED]
Then, in a separate window, make sure you can [still] log in to
deleuze -- before logging out the first window. Just in case.
- a
[*] I think I recall some arcane cryptographic reason for this, like
the principal name being used as salt somewhere.
Adam Megacz <[EMAIL PROTECTED]> writes:
> Davor Ocelic <[EMAIL PROTECTED]> writes:
>> Adam M., since you've verified that your account works,
>> could you do the same thing for the rest of our accounts?
>
> Okay, should be set now. Please let me know if I broke anything :)
> Remember to use your kerberos password (if it differs from your unix
> password).
>
> Is the account "root.admin" used for anything? If not, we should
> delete it.
>
> [EMAIL PROTECTED]:~$pts listentries | grep _admin
> adamc_admin 1001 -204 9997
> adamc_admin.cgi 10211 -204 9997
> adamc_admin.mailfilter 10210 -204 9997
> docelic_admin.cgi 10208 -204 9997
> docelic_admin.mailfilter 10207 -204 9997
> docelic_admin 1116 -204 9997
> megacz_admin 9997 -204 10064
> ntk_admin 1113 -204 9997
> mwolson_admin 1115 -204 9997
> [EMAIL PROTECTED]:~$pts mem system:administrators
> Members of system:administrators (id: -204) are:
> root.admin
> adamc_admin
> mwolson_admin
> docelic_admin
> megacz_admin
>
> - a
>
> --
> PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380
_______________________________________________
HCoop-SysAdmin mailing list
[email protected]
http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
