Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

Creating a New Kerberos Principal

If a new principal requires a new policy, you must create the new policy before you create the principal. For policy creation, see Example 5–10. Most Kerberos policies specify password requirements.

Example 5-4  Creating a New Kerberos Principal

The following example creates a new principal called pak and sets the principal's policy to testuser. The other required values, such as encryption type, use default values.

# /usr/sbin/kadmin
kadmin: add_principal -policy testuser pak
Enter password for principal "pak@EXAMPLE.COM": xxxxxxxx
Re-enter password for principal "pak@EXAMPLE.COM": xxxxxxxx
Principal "pak@EXAMPLE.COM" created.
kadmin: quit

Typically, few users are privileged to administer the Kerberos database. If this new principal needs administrative privileges, continue with Modifying Principals' Kerberos Administration Privileges.