On Tue, 11 Dec 2001, Gill, Vern wrote: > I have done this; > kdb5_util create -s > kadmin.local -q "ktadd -k kadm5.keytab kadmin/admin" > kadmin.local -q "ktadd -k kadm5.keytab kadmin/changepw" > kadmin.local -q "addprinc [EMAIL PROTECTED]" > kadmin.local -q "addprinc [EMAIL PROTECTED]" > shell# kadmin.local > Authenticating as principal [EMAIL PROTECTED] with password. > kadmin.local: addprinc [EMAIL PROTECTED] > WARNING: no policy specified for [EMAIL PROTECTED]; defaulting to no > policy > Enter password for principal "[EMAIL PROTECTED]": > Re-enter password for principal "[EMAIL PROTECTED]": > Principal "[EMAIL PROTECTED]" created. > kadmin.local: quit
> Did I miss something? > I am following the instructions here http://www.bayour.com/LDAPv3-HOWTO.html > to some extent... Ok, then you have everything in the database that you need in order to use kadmin -- you just have to run "kadmin -p vgill/admin" so that it knows which principal to authenticate as (kadmin guesses by adding '/admin' to your login name -- but this doesn't work when you're root). So long as vgill/admin is in the kadm5.acl file (you don't mention whether you've done this), you'll be able to use kadmin once you've authenticated as this principal. Cheers, Steve Langasek postmodern programmer
