diff options
author | Greg Hudson <ghudson@mit.edu> | 2013-07-09 10:58:49 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-07-15 12:31:38 -0400 |
commit | 57d0b4b300e43722ae9f080fbf132edeb3834323 (patch) | |
tree | e7d31391c1f241f1685abbb945c85f3c215659ff /doc/admin | |
parent | d9457b501cbab535e5968dbdf195ca334b9fa555 (diff) | |
download | krb5-57d0b4b300e43722ae9f080fbf132edeb3834323.zip krb5-57d0b4b300e43722ae9f080fbf132edeb3834323.tar.gz krb5-57d0b4b300e43722ae9f080fbf132edeb3834323.tar.bz2 |
Add kadmin support for principals without keys
Add kadmin support for "addprinc -nokey", which creates a principal
with no keys, and "purgekeys -all", which deletes all keys from a
principal. The KDC was modified by #7630 to support principals
without keys.
ticket: 7679 (new)
Diffstat (limited to 'doc/admin')
-rw-r--r-- | doc/admin/admin_commands/kadmin_local.rst | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/admin/admin_commands/kadmin_local.rst b/doc/admin/admin_commands/kadmin_local.rst index 39351df..a291b67 100644 --- a/doc/admin/admin_commands/kadmin_local.rst +++ b/doc/admin/admin_commands/kadmin_local.rst @@ -287,6 +287,10 @@ Options: **-randkey** Sets the key of the principal to a random value. +**-nokey** + Causes the principal to be created with no key. New in release + 1.12. + **-pw** *password* Sets the password of the principal to the specified string and does not prompt for a password. Note: using this option in a @@ -450,11 +454,13 @@ Example: purgekeys ~~~~~~~~~ - **purgekeys** [**-keepkvno** *oldest_kvno_to_keep*] *principal* + **purgekeys** [**-all**\|\ **-keepkvno** *oldest_kvno_to_keep*] *principal* Purges previously retained old keys (e.g., from **change_password -keepold**) from *principal*. If **-keepkvno** is specified, then -only purges keys with kvnos lower than *oldest_kvno_to_keep*. +only purges keys with kvnos lower than *oldest_kvno_to_keep*. If +**-all** is specified, then all keys are purged. The **-all** option +is new in release 1.12. This command requires the **modify** privilege. |