On Aug 17, 2006, at 12:20, Fariba wrote: > Thank you and others for replying. If we use the randkey option to > create the principal and do not transfer it to the keytab (if you > transfer it to the keytab, I assume anyone typing the username is > authenticated, so it is nor secure), is there a way to set the real > password? Using k_chpass requires the knowledge of the old > password, which when it is random we do not know it . Unless we can > set the password to known string (even null) for the users, I do > not see an alternative. I think I am answering myself. Seems like > you cannot use kerberos just to store the users and later add their > passwords. Any thoughts?
You'd need some sort of administrator access, either through the kadmin protocol, or the set/change password protocol being worked on in the IETF. Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
