System Administration Guide: Security Services

ProcedureHow to Automatically Configure a Master KDC

Starting with the Solaris Express Developer Edition 1/08 release, a master KDC can be automatically configured by using the following procedure.

  1. Become superuser.

  2. Create the KDC.

    Run the kdcmgr utility to create the KDC. You need to provide both the master key password and the password for the administrative principal.

    kdc1# kdcmgr -a kws/admin -r EXAMPLE.COM create master
    Starting server setup
    Setting up /etc/krb5/kdc.conf
    Setting up /etc/krb5/krb5.conf
    Initializing database '/var/krb5/principal' for realm 'EXAMPLE.COM', 
    master key name 'K/M@EXAMPLE.COM' 
    You will be prompted for the database Master Password. 
    It is important that you NOT FORGET this password. 
    Enter KDC database master key: <Type the password>
    Re-enter KDC database master key to verify: <Type it again>
    Authenticating as principal root/admin@EXAMPLE.COM with password. 
    WARNING: no policy specified for kws/admin@EXAMPLE.COM; defaulting to no policy 
    Enter password for principal "kws/admin@EXAMPLE.COM": <Type the password>
    Re-enter password for principal "kws/admin@EXAMPLE.COM": <Type it again>
    Principal "kws/admin@EXAMPLE.COM" created. 
    Setting up /etc/krb5/kadm5.acl. 
    Setup COMPLETE.