4 files changed, 1 insertions, 33 deletions

diff --git a/src/kadmin/server/kadmind.M b/src/kadmin/server/kadmind.M
index d54b7c2151..83c67ec3eb 100644
--- a/src/kadmin/server/kadmind.M
+++ b/src/kadmin/server/kadmind.M
@@ -32,19 +32,6 @@ understands a number of variable settings in this file, some of which are
 mandatory and some of which are optional.  See the CONFIGURATION VALUES
 section below.
 .TP
-keytab
-.B Kadmind
-requires a keytab containing correct entries for the 
-.I kadmin/admin
-and
-.I kadmin/changepw
-principals for every realm that kadmind will answer requests for.  The
-keytab can be created with the
-.IR kadmin (8)
-client.  The location of the keytab is determined by the
-.I admin_keytab
-configuration variable (see CONFIGURATION VALUES).
-.TP
 ACL file
 .BR Kadmind 's
 ACL (access control list) tells it which principals are allowed to
@@ -145,17 +132,6 @@ The path of kadmind's password dictionary.  A principal with any
 password policy will not be allowed to select any password in the
 dictionary.  Optional.  No default.
 .TP
-admin_keytab
-The name of the keytab containing entries for the principals
-.I kadmin/admin
-and
-.I kadmin/changepw
-in each realm that
-.B kadmind
-will serve.  The default is the value of the 
-.SM KRB5_KTNAME
-environment variable, if defined.  Mandatory.
-.TP
 kadmind_port
 The
 .SM TCP
diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
index 6f9edeb5b3..943270d98f 100644
--- a/src/kadmin/testing/proto/kdc.conf.proto
+++ b/src/kadmin/testing/proto/kdc.conf.proto
@@ -5,7 +5,6 @@
 	__REALM__ = {
 		profile = __K5ROOT__/krb5.conf
 		database_name = __K5ROOT__/kdb5
-		admin_keytab = __K5ROOT__/ovsec_adm.srvtab
 		key_stash_file = __K5ROOT__/.k5.__REALM__
 		acl_file = __K5ROOT__/ovsec_adm.acl
 		dict_file = __K5ROOT__/ovsec_adm.dict
diff --git a/src/kadmin/testing/tcl/util.t b/src/kadmin/testing/tcl/util.t
index 7721609902..6751f89e63 100644
--- a/src/kadmin/testing/tcl/util.t
+++ b/src/kadmin/testing/tcl/util.t
@@ -29,8 +29,6 @@ proc config_params {masks values} {
 	    "KADM5_CONFIG_ADBNAME" {set params [lreplace $params 5 5 $value]}
 	    "KADM5_CONFIG_ADB_LOCKFILE" {
 		set params [lreplace $params 6 6 $value]}
-	    "KADM5_CONFIG_ADMIN_KEYTAB" {
-		set params [lreplace $params 7 7 $value]}
 	    "KADM5_CONFIG_ACL_FILE" {set params [lreplace $params 8 8 $value]}
 	    "KADM5_CONFIG_DICT_FILE" {
 		set params [lreplace $params 9 9 $value]}
diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c
index b33cf0a0fa..0d9c7f11d7 100644
--- a/src/kadmin/testing/util/tcl_kadm5.c
+++ b/src/kadmin/testing/util/tcl_kadm5.c
@@ -86,7 +86,6 @@ static struct flagval config_mask_flags[] = {
     {"KADM5_CONFIG_MAX_RLIFE", KADM5_CONFIG_MAX_RLIFE},
     {"KADM5_CONFIG_EXPIRATION", KADM5_CONFIG_EXPIRATION},
     {"KADM5_CONFIG_FLAGS", KADM5_CONFIG_FLAGS},
-    {"KADM5_CONFIG_ADMIN_KEYTAB", KADM5_CONFIG_ADMIN_KEYTAB},
     {"KADM5_CONFIG_STASH_FILE", KADM5_CONFIG_STASH_FILE},
     {"KADM5_CONFIG_ENCTYPE", KADM5_CONFIG_ENCTYPE},
     {"KADM5_CONFIG_ADBNAME", KADM5_CONFIG_ADBNAME},
@@ -1033,11 +1032,7 @@ static int parse_config_params(Tcl_Interp *interp, char *list,
     }
     /* Ignore argv[5], which used to set the admin_dbname field.  */
     /* Ignore argv[6], which used to set the admin_lockfile field.  */
-    if ((retcode = parse_str(interp, argv[7], &params->admin_keytab)) != TCL_OK) {
-        Tcl_AppendElement(interp, "while parsing admin_keytab name");
-        retcode = TCL_ERROR;
-        goto finished;
-    }
+    /* Ignore argv[7], which used to set the admin_keytab field.  */
     if ((retcode = parse_str(interp, argv[8], &params->acl_file)) != TCL_OK) {
         Tcl_AppendElement(interp, "while parsing acl_file name");
         retcode = TCL_ERROR;