System Administration Guide: Security Services

Example—Modifying the Kerberos Administration Privileges

The following entry in the kadm5.acl file gives any principal in the EXAMPLE.COM realm with the admin instance all the privileges on the Kerberos database.


*/admin@EXAMPLE.COM *

The following entry in the kadm5.acl file gives the jdb@EXAMPLE.COM principal the privilege to add, list, and inquire about any principal that has the root instance.


jdb@EXAMPLE.COM ali */root@EXAMPLE.COM