diff options
| author | Barry Jaspan <bjaspan@mit.edu> | 1996-10-09 19:30:02 +0000 |
|---|---|---|
| committer | Barry Jaspan <bjaspan@mit.edu> | 1996-10-09 19:30:02 +0000 |
| commit | 73921b6bebce4c1de80c5f94676ad060c78a97ab (patch) | |
| tree | c7ce8b38f01e6f7996819687577a0ce33bc9d6a8 /src/kadmin/cli/kadmin.M | |
| parent | 7fcbfaffaa83e83a20af8174a2d6d5955d21f7e7 (diff) | |
| download | krb5-73921b6bebce4c1de80c5f94676ad060c78a97ab.tar.gz krb5-73921b6bebce4c1de80c5f94676ad060c78a97ab.tar.xz krb5-73921b6bebce4c1de80c5f94676ad060c78a97ab.zip | |
* kadmin.c (kadmin_addprinc): add "default" policy behavior;
delete kadmin_renprinc entirely, since it is no longer supported
by the api and there is no ss command for it anyway
* kadmin.M: document "default" policy behavior. [krb5-admin/84]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9158 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/cli/kadmin.M')
| -rw-r--r-- | src/kadmin/cli/kadmin.M | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/kadmin/cli/kadmin.M b/src/kadmin/cli/kadmin.M index e2c9a2b84..b744b88a8 100644 --- a/src/kadmin/cli/kadmin.M +++ b/src/kadmin/cli/kadmin.M @@ -151,7 +151,13 @@ Specifying "ago" in a duration may result in unexpected behavior. \fBadd_principal\fP [\fIoptions\fP] \fInewprinc\fP creates the principal .IR newprinc , -prompting twice for a password. This command requires the +prompting twice for a password. If no policy is specified with the +-policy option, and the policy named "default" exists, then that +policy is assigned to the principal; note that the assignment of the +policy "default" only occurs automatically when a principal is first +created, so the policy "default" must already exist for the assignment +to occur. This assignment of "default" can be suppressed with the +-clearpolicy option. This command requires the .I add privilege. This command has the aliases .B addprinc @@ -176,8 +182,17 @@ maximum renewable life of tickets for the principal explicity set the key version number. .TP \fB\-policy\fP \fIpolicy\fP -policy used by this principal. If no policy is supplied, the principal -will default to having no policy, and a warning message will be printed. +policy used by this principal. If no policy is supplied, then if the +policy "default" exists and the -clearpolicy is not also specified, +then the policy "default" is used; otherwise, the principal +will have no policy, and a warning message will be printed. +.TP +\fB\-clearpolicy\fP +.B -clearpolicy +prevents the policy "default" from being assigned when +.B -policy +is not specified. This option has no effect if the policy "default" +does not exist. .TP {\fB\-\fP|\fB+\fP}\fBallow_postdated\fP .B -allow_postdated |