How to Modify a Kerberos Principal

An example of the command-line equivalent follows this procedure.

1. If necessary, start the SEAM Tool.

   See How to Start the SEAM Tool for more information.

   $ /usr/sbin/gkadmin

2. Click the Principals tab.

3. Select the principal in the list that you want to modify, then click Modify.

   The Principal Basics panel that contains some of the attributes for the principal is displayed.

4. Modify the principal's attributes, and continue to click Next to modify more attributes.

   Three windows contain attribute information. Choose Context-Sensitive Help from the Help menu to get information about the various attributes in each window. Or, for all the principal attribute descriptions, go to SEAM Tool Panel Descriptions.

   ---

   Note –

   You cannot modify a principal's name. To rename a principal, you must duplicate the principal, specify a new name for it, save it, and then delete the old principal.

   ---

5. Click Save to save the principal, or click Done on the last panel.

6. Modify the Kerberos administration privileges for the principal in the /etc/krb5/kadm5.acl file.

   See How to Modify the Kerberos Administration Privileges for more details.

Example 25–6 Modifying a Kerberos Principal's Password (Command Line)

In the following example, the change_password command of kadmin is used to modify the password for the jdb principal. The change_password command does not let you change the password to a password that is in the principal's password history.

kadmin: change_password jdb
Enter password for principal "jdb": <Type the new password>
Re-enter password for principal "jdb": <Type the password again>
Password for "jdb@EXAMPLE.COM" changed.
kadmin: quit

To modify other attributes for a principal, you must use the modify_principal command of kadmin.