gkadmin(1M)

NAME

     gkadmin  -  Kerberos  database  administration   GUI,   SEAM
     Administration Tool

SYNOPSIS

     /usr/sbin/gkadmin

DESCRIPTION

     gkadmin is an interactive  graphical  user  interface  (GUI)
     that  enables  you to maintain Kerberos principals and poli-
     cies. gkadmin provides much the same  functionality  as  the
     kadmin(1M) command.

     gkadmin does not support the management of keytabs. You must
     use  kadmin  for  keytabs  management. gkadmin uses Kerberos
     authentication and an encrypted RPC to operate securely from
     anywhere on the network.

     When gkadmin is invoked, the login window is populated  with
     default  values.  For the principal name, gkadmin determines
     your user  name  from  the  USER  environment  variable.  It
     appends  /admin  to  the  name  (username/admin) to create a
     default user instance in the same manner as kadmin. It  also
     selects  appropriate  defaults  for  realm  and  master  KDC
     (admin_server) from the /etc/krb5/krb5.conf file.

     You can change these defaults on the login window. When  you
     enter  your  password,  a  session  is started with kadmind.
     Operations performed are subject  to  permissions  that  are
     granted  or  denied  to the chosen user instance by the Ker-
     beros ACL file. See kadm5.acl(4).

     After the session is started, a tabbed folder  is  displayed
     that  contains a principal list and a policy list. The func-
     tionality is mainly the same as kadmin, with addition, dele-
     tion,  and  modification of principal and policy data avail-
     able.

      In addition, gkadmin provides the following features:

        o  New principal or policy records can  be  added  either
           from  default values or from the settings of an exist-
           ing principal.

        o  A comment field is available for principals.

        o  Default values are saved in $HOME/.gkadmin.

        o  A logout option permits you to log back in as  another
           user instance without exiting the tool.

        o  Principal and  policy  lists  and  attributes  can  be
           printed or saved to a file.

        o  Online context-sensitive  help  and  general  help  is
           available in the Help menu.

FILES

     /etc/krb5/krb5.conf
           Kerberos  configuration  information  on  a   Kerberos
           client.  Used  to  search for default realm and master
           KDC (admin_server), including a port  number  for  the
           master KDC.

     $HOME/.gkadmin
           Default parameters used to initialize  new  principals
           created during the session.

ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |        ATTRIBUTE TYPE       |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWkdcu                    |
    |_____________________________|_____________________________|
    | Interface Stability         | Evolving                    |
    |_____________________________|_____________________________|

SEE ALSO

     kpasswd(1),   kadmin(1M),   kadmind(1M),   kadmin.local(1M),
     kdb5_util(1M),   kadm5.acl(4),   kdc.conf(4),  krb5.conf(4),
     attributes(5), SEAM(5)

DIAGNOSTICS

     The gkadmin interface is currently incompatible with the MIT
     kadmind  daemon  interface, so you cannot use this interface
     to  administer  an  MIT-based  Kerberos  database.  However,
     SEAM-based Kerberos clients can still use an MIT-based KDC.
Man(1) output converted with man2html