We are using a combination of Linux and FreeBSD here. We use Kerberos 5 for authentication and cfengine to distribute a global /etc/passwd file.
I want to write an add-user script which handles our particular set-up, so that it prompts the user to enter Unix ID, user name and so on, and then creates the relevant Kerberos principle and entry in our /etc/passwd file. This would seem to mean calling kadmin and getting the administrator to authenticate. But I can't get it to work. kadmin seems not to be reading the admin password from stdin. Presumably its being careful about only reading it from a terminal (sensible). So how do I do this? Is there a way? Or am I just going to have to write a HOWTO instruction list telling the administrator to type in the kadmin runes? Thanks in advance, Paul.
