Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 2.20. What is v5passwdd? Do I need to run it?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Property taxes ]


Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 2.19. What does krb524d do? Do I need to run it?
Next Document: 2.21. How do a rename a principal?
See reader questions & answers on this topic! - Help others by sharing your knowledge
The v5passwdd daemon implements the "old" Kerberos 5 password changing
protocol (before OpenVision donated their admin server).

This protocol is used by a few Kerberos 5 clients; the only ones I know of
are the MIT Win32 Kerberos client, and some Xyplex terminal servers. If you
don't have any programs that use this protocol, or you don't want people who
use those clients to be able to change their password, then you don't need
to run it.

If you do need to run it, you'll need to do the following things:

   * Create a special changepw principal, of the form:

        o changepw/YOUR.REALM@YOUR.REALM

     Make sure this principal has the same attributes as the kadmin/changepw
     principal; specificially, set the DISALLOW_TGS_REQ and
     PASSWORD_CHANGING_SERVICE attributes.

   * Add this principal's key to the admin keytab (see the original
     installation instructions for this procedure)

   * Start the v5passwdd with the following sample command line:

        o v5passwdd -port 464 -T /path/to/admin/keytab

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 2.19. What does krb524d do? Do I need to run it?
Next Document: 2.21. How do a rename a principal?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>





Last Update March 27 2014 @ 02:11 PM