[ Usenet FAQs | Web FAQs | Documents | RFC Index ]
Single Page
Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 2.20. What is v5passwdd? Do I need to run it?
Next Document: 2.22. What is the difference between the "-a valid" and the "-a user" flags for telnetd?
-
Search the FAQ Archives
Single Page
Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 2.20. What is v5passwdd? Do I need to run it?
Next Document: 2.22. What is the difference between the "-a valid" and the "-a user" flags for telnetd?
2.21. How do a rename a principal?
In Kerberos 5, you don't :-) There currently is no way to rename a principal using the MIT V5 admin system (even though the man page for kadmin claims otherwise). The issue is that in Kerberos 5, the key is salted using the full principal name, so changing the principal name would invalidate the user's password. However, since the Kerberos database provides the ability to store an alternate key salt, this could actually be implemented. The current workaround is to simply delete the old principal name and create the new principal name.
Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 2.20. What is v5passwdd? Do I need to run it?
Next Document: 2.22. What is the difference between the "-a valid" and the "-a user" flags for telnetd?
Single Page
[ Usenet FAQs | Web FAQs | Documents | RFC Index ]
Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>
Last Update October 22 2009 @ 05:26 AM