JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris 11.1 Administration: Security Services     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Verifying File Integrity by Using BART (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Security Attributes in Oracle Solaris (Reference)

Part IV Cryptographic Services

11.  Cryptographic Framework (Overview)

12.  Cryptographic Framework (Tasks)

13.  Key Management Framework

Part V Authentication Services and Secure Communication

14.  Using Pluggable Authentication Modules

15.  Using Secure Shell

16.  Secure Shell (Reference)

17.  Using Simple Authentication and Security Layer

18.  Network Services Authentication (Tasks)

Part VI Kerberos Service

19.  Introduction to the Kerberos Service

20.  Planning for the Kerberos Service

21.  Configuring the Kerberos Service (Tasks)

22.  Kerberos Error Messages and Troubleshooting

23.  Administering Kerberos Principals and Policies (Tasks)

Ways to Administer Kerberos Principals and Policies

SEAM Tool

Command-Line Equivalents of the SEAM Tool

The Only File Modified by the SEAM Tool

Print and Online Help Features of the SEAM Tool

Working With Large Lists in the SEAM Tool

How to Start the SEAM Tool

Administering Kerberos Principals

Administering Kerberos Principals (Task Map)

Automating the Creation of New Kerberos Principals

How to View the List of Kerberos Principals

How to View a Kerberos Principal's Attributes

How to Create a New Kerberos Principal

How to Duplicate a Kerberos Principal

How to Modify a Kerberos Principal

How to Delete a Kerberos Principal

How to Set Up Defaults for Creating New Kerberos Principals

How to Modify the Kerberos Administration Privileges

Administering Kerberos Policies

Administering Kerberos Policies (Task Map)

How to View the List of Kerberos Policies

How to View a Kerberos Policy's Attributes

How to Create a New Kerberos Policy

How to Duplicate a Kerberos Policy

How to Modify a Kerberos Policy

How to Delete a Kerberos Policy

SEAM Tool Reference

SEAM Tool Panel Descriptions

Using the SEAM Tool With Limited Kerberos Administration Privileges

Administering Keytab Files

Administering Keytab Files (Task Map)

How to Add a Kerberos Service Principal to a Keytab File

How to Remove a Service Principal From a Keytab File

How to Display the Keylist (Principals) in a Keytab File

How to Temporarily Disable Authentication for a Service on a Host

24.  Using Kerberos Applications (Tasks)

25.  The Kerberos Service (Reference)

Part VII Auditing in Oracle Solaris

26.  Auditing (Overview)

27.  Planning for Auditing

28.  Managing Auditing (Tasks)

29.  Auditing (Reference)

Glossary

Index

Ways to Administer Kerberos Principals and Policies

The Kerberos database on the master KDC contains all of your realm's Kerberos principals, their passwords, policies, and other administrative information. To create and delete principals, and to modify their attributes, you can use either the kadmin or gkadmin command.

The kadmin command provides an interactive command-line interface that enables you to maintain Kerberos principals, policies, and keytab files. There are two versions of the kadmin command:

Other than kadmin using Kerberos to authenticate the user, the capabilities of the two versions are identical. The local version is necessary to enable you to set up enough of the database so that you can use the remote version.

Also, the Oracle Solaris release provides the SEAM Tool, gkadmin, which is an interactive graphical user interface (GUI) that provides essentially the same capabilities as the kadmin command. See SEAM Tool for more information.