Add kadmin support for principals without keys

Add kadmin support for "addprinc -nokey", which creates a principal
with no keys, and "purgekeys -all", which deletes all keys from a
principal.  The KDC was modified by #7630 to support principals
without keys.

ticket: 7679 (new)

1 files changed, 8 insertions, 2 deletions

diff --git a/doc/admin/admin_commands/kadmin_local.rst b/doc/admin/admin_commands/kadmin_local.rst
index 39351dfd90..a291b678c2 100644
--- a/doc/admin/admin_commands/kadmin_local.rst
+++ b/doc/admin/admin_commands/kadmin_local.rst
@@ -287,6 +287,10 @@ Options:
 **-randkey**
     Sets the key of the principal to a random value.
 
+**-nokey**
+    Causes the principal to be created with no key.  New in release
+    1.12.
+
 **-pw** *password*
     Sets the password of the principal to the specified string and
     does not prompt for a password.  Note: using this option in a
@@ -450,11 +454,13 @@ Example:
 purgekeys
 ~~~~~~~~~
 
-    **purgekeys** [**-keepkvno** *oldest_kvno_to_keep*] *principal*
+    **purgekeys** [**-all**\|\ **-keepkvno** *oldest_kvno_to_keep*] *principal*
 
 Purges previously retained old keys (e.g., from **change_password
 -keepold**) from *principal*.  If **-keepkvno** is specified, then
-only purges keys with kvnos lower than *oldest_kvno_to_keep*.
+only purges keys with kvnos lower than *oldest_kvno_to_keep*.  If
+**-all** is specified, then all keys are purged.  The **-all** option
+is new in release 1.12.
 
 This command requires the **modify** privilege.