gkadmin(1M)
NAME
gkadmin - Kerberos database administration GUI, SEAM
Administration Tool
SYNOPSIS
/usr/sbin/gkadmin
DESCRIPTION
gkadmin is an interactive graphical user interface (GUI)
that enables you to maintain Kerberos principals and poli-
cies. gkadmin provides much the same functionality as the
kadmin(1M) command.
gkadmin does not support the management of keytabs. You must
use kadmin for keytabs management. gkadmin uses Kerberos
authentication and an encrypted RPC to operate securely from
anywhere on the network.
When gkadmin is invoked, the login window is populated with
default values. For the principal name, gkadmin determines
your user name from the USER environment variable. It
appends /admin to the name (username/admin) to create a
default user instance in the same manner as kadmin. It also
selects appropriate defaults for realm and master KDC
(admin_server) from the /etc/krb5/krb5.conf file.
You can change these defaults on the login window. When you
enter your password, a session is started with kadmind.
Operations performed are subject to permissions that are
granted or denied to the chosen user instance by the Ker-
beros ACL file. See kadm5.acl(4).
After the session is started, a tabbed folder is displayed
that contains a principal list and a policy list. The func-
tionality is mainly the same as kadmin, with addition, dele-
tion, and modification of principal and policy data avail-
able.
In addition, gkadmin provides the following features:
o New principal or policy records can be added either
from default values or from the settings of an exist-
ing principal.
o A comment field is available for principals.
o Default values are saved in $HOME/.gkadmin.
o A logout option permits you to log back in as another
user instance without exiting the tool.
o Principal and policy lists and attributes can be
printed or saved to a file.
o Online context-sensitive help and general help is
available in the Help menu.
FILES
/etc/krb5/krb5.conf
Kerberos configuration information on a Kerberos
client. Used to search for default realm and master
KDC (admin_server), including a port number for the
master KDC.
$HOME/.gkadmin
Default parameters used to initialize new principals
created during the session.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWkdcu |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
SEE ALSO
kpasswd(1), kadmin(1M), kadmind(1M), kadmin.local(1M),
kdb5_util(1M), kadm5.acl(4), kdc.conf(4), krb5.conf(4),
attributes(5), SEAM(5)
DIAGNOSTICS
The gkadmin interface is currently incompatible with the MIT
kadmind daemon interface, so you cannot use this interface
to administer an MIT-based Kerberos database. However,
SEAM-based Kerberos clients can still use an MIT-based KDC.
Man(1) output converted with
man2html