From d3d4b8732b7467b8448c5f9ba590b2785f1c8732 Mon Sep 17 00:00:00 2001 From: Jen Selby Date: Mon, 29 Jul 2002 18:13:29 +0000 Subject: * kdb5_util.M: added documentation for some options. * kvno.M: added documentation of the "-q" and "-h" options. * kadmin.M: corrected documenation of "-k/-t" options. Added documentation for some other options. Updated the lists of aliases for commands, some command options, and some of the sample output. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14671 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/cli/kadmin.M | 42 ++++++++++++++++++++++++++++++++++-------- 1 file changed, 34 insertions(+), 8 deletions(-) (limited to 'src/kadmin/cli/kadmin.M') diff --git a/src/kadmin/cli/kadmin.M b/src/kadmin/cli/kadmin.M index 08e02e5c9..1d5fb7020 100644 --- a/src/kadmin/cli/kadmin.M +++ b/src/kadmin/cli/kadmin.M @@ -83,11 +83,19 @@ principal name of the default ccache, the value of the environment variable, or the username as obtained with getpwuid, in order of preference. .TP -\fB\-k\fP \fIkeytab\fP +\fB\-k\fP +Use a keytab to decrypt the KDC response instead of prompting for a +password on the TTY. In this case, the default principal will be +host/\fIhostname\fP. If there is not a keytab specified with the +.B\-t +option, then the default keytab will be used. +.TP +\fB\-t\fP \fIkeytab\fP Use .I keytab -to decrypt the KDC response instead of prompting for a password on the -TTY. In this case, the default principal will be host/\fIhostname\fP. +to decrypt the KDC response. This can only be used with the +.B \-k +option. .TP \fB\-c\fP \fIcredentials_cache\fP Use @@ -118,6 +126,21 @@ directly to which will perform .I query and then exit. This can be useful for writing scripts. +.TP +\fB\-d\fP \fIdbname\fP +Specifies the name of the Kerberos database. +.TP +\fB\-s\fP \fIadmin_server[:port]\fP +Specifies the admin server which kadmin should contact. +.TP +\fB\-m\fP +Do not authenticate using a keytab. This option will cause kadmin +to prompt for the master database password. +.TP +\fB\-e\fP \fIenc:salt_list\fP +Sets the list of encryption types and salt types to be used for any new +keys created. + .SH DATE FORMAT Various commands in kadmin can take a variety of date formats, specifying durations or absolute times. Examples of valid formats are: @@ -458,7 +481,7 @@ privilege, or that the principal that is running the the program to be the same as the one being listed. With the .B \-terse option, outputs fields as quoted tab-separated strings. Alias -.BR listprincs . +.BR getprinc . .sp .nf .RS @@ -503,7 +526,9 @@ an "@" character followed by the local realm is appended to the expression. Requires the .I list priviledge. Alias -.BR listprincs . +.BR listprincs , +.BR get_principals , +.BR get_princs . .nf .RS .TP @@ -548,7 +573,7 @@ KADM5_DUP (policy already exists) .fi .RE .TP -\fBdelete_policy\fP \fIpolicy\fB +\fBdelete_policy [\-force]\fP \fIpolicy\fB deletes the named policy. Prompts for confirmation before deletion. The command will fail if the policy is in use by any principals. Requires the @@ -563,7 +588,6 @@ EXAMPLE: kadmin: del_policy guests Are you sure you want to delete the policy "guests"? (yes/no): yes -Policy "guests" deleted. kadmin: .TP ERRORS: @@ -628,7 +652,9 @@ are printed. If no expression is provided, all existing policy names are printed. Requires the .I list priviledge. Alias -.BR listpols . +.BR listpols , +.BR get_policies , +.BR getpols . .sp .nf .RS -- cgit