Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

kpasswd(1) [opendarwin man page]

kpasswd(1)                                                         User Commands                                                        kpasswd(1)

kpasswd - change a user's Kerberos password SYNOPSIS
/usr/bin/kpasswd [principal] DESCRIPTION
The kpasswd command is used to change a Kerberos principal's password. kpasswd prompts for the current Kerberos password, which is used to obtain a changepw ticket from the KDC for the user's Kerberos realm. If kpasswd successfully obtains the changepw ticket, the user is prompted twice for the new password, and the password is changed. If the principal is governed by a policy that specifies the length and/or number of character classes required in the new password, the new password must conform to the policy. (The five character classes are lower case, upper case, numbers, punctuation, and all other charac- ters.) OPERANDS
The following operand is supported: principal Change the password for the Kerberos principal principal. Otherwise, the principal is derived from the identity of the user invoking the kpasswd command. FILES
/tmp/ovsec_adm.xxxxxx Temporary credentials cache for the lifetime of the password changing operation. (xxxxxx is a random string.) ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWkrbu | +-----------------------------+-----------------------------+ |CSI |Enabled | +-----------------------------+-----------------------------+ SEE ALSO
If kpasswd is suspended, the changepw tickets may not be destroyed. SunOS 5.10 30 Jul 2001 kpasswd(1)

Check Out this Related Man Page

gkadmin(1M)						  System Administration Commands					       gkadmin(1M)

gkadmin - Kerberos database administration GUI, SEAM Administration Tool SYNOPSIS
/usr/sbin/gkadmin DESCRIPTION
gkadmin is an interactive graphical user interface (GUI) that enables you to maintain Kerberos principals and policies. gkadmin provides much the same functionality as the kadmin(1M) command. gkadmin does not support the management of keytabs. You must use kadmin for keytabs management. gkadmin uses Kerberos authentication and an encrypted RPC to operate securely from anywhere on the network. When gkadmin is invoked, the login window is populated with default values. For the principal name, gkadmin determines your user name from the USER environment variable. It appends /admin to the name (username/admin) to create a default user instance in the same manner as kad- min. It also selects appropriate defaults for realm and master KDC (admin_server) from the /etc/krb5/krb5.conf file. You can change these defaults on the login window. When you enter your password, a session is started with kadmind. Operations performed are subject to permissions that are granted or denied to the chosen user instance by the Kerberos ACL file. See kadm5.acl(4). After the session is started, a tabbed folder is displayed that contains a principal list and a policy list. The functionality is mainly the same as kadmin, with addition, deletion, and modification of principal and policy data available. In addition, gkadmin provides the following features: o New principal or policy records can be added either from default values or from the settings of an existing principal. o A comment field is available for principals. o Default values are saved in $HOME/.gkadmin. o A logout option permits you to log back in as another user instance without exiting the tool. o Principal and policy lists and attributes can be printed or saved to a file. o Online context-sensitive help and general help is available in the Help menu. FILES
/etc/krb5/krb5.conf Kerberos configuration information on a Kerberos client. Used to search for default realm and master KDC (admin_server), including a port number for the master KDC. $HOME/.gkadmin Default parameters used to initialize new principals created during the session. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWkdcu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
kpasswd(1), kadmin(1M), kadmind(1M), kadmin.local(1M), kdb5_util(1M), kadm5.acl(4), kdc.conf(4), krb5.conf(4), attributes(5), SEAM(5) DIAGNOSTICS
The gkadmin interface is currently incompatible with the MIT kadmind daemon interface, so you cannot use this interface to administer an MIT-based Kerberos database. However, SEAM-based Kerberos clients can still use an MIT-based KDC. SunOS 5.10 25 Feb 2002 gkadmin(1M)
Man Page