Remote Kerberos Administration - Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 08-05-2008 Installation Manual
Hide thumbs
Also See for LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 08-05-2008:
- Supplementary manual (18 pages)
Table of Contents
Advertisement
• Use Clock Skew to set a value for the allowable difference between the time stamps
and your host's system time.
• To keep the system time in sync with an NTP server, you can also set up the host
as an NTP client by selecting NTP Configuration, which opens the YaST NTP
client dialog that is described in
YaST"
(page 605). After finishing the configuration, YaST performs all the necessary
changes and the Kerberos client is ready for use.
Figure 46.2 YaST: Advanced Configuration of a Kerberos Client
46.7 Remote Kerberos Administration
To be able to add and remove principals from the Kerberos database without accessing
the KDC's console directly, tell the Kerberos administration server which principals
are allowed to do what. Do this by editing the file /var/lib/kerberos/krb5kdc/
kadm5.acl. The ACL (access control list) file allows you to specify privileges with
a fine degree of control. For details, refer to the manual page with man 8 kadmind.
Right now, just grant yourself the privilege to do anything you want with the database
by putting the following line into the file:
Section 32.1, "Configuring an NTP Client with
Installing and Administering Kerberos
855
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 08-05-2008 and is the answer not in the manual?
Questions and answers