directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject directory-kerby git commit: DIRKRB-593 Add the remote kadmin tool usage guide.
Date Wed, 06 Jul 2016 07:58:14 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/trunk 9f628e5ae -> cc91e4b89


DIRKRB-593 Add the remote kadmin tool usage guide.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/cc91e4b8
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/cc91e4b8
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/cc91e4b8

Branch: refs/heads/trunk
Commit: cc91e4b890b77546420ab81a0421227c31d26357
Parents: 9f628e5
Author: plusplusjiajia <jiajia.li@intel.com>
Authored: Wed Jul 6 16:03:58 2016 +0800
Committer: plusplusjiajia <jiajia.li@intel.com>
Committed: Wed Jul 6 16:03:58 2016 +0800

----------------------------------------------------------------------
 kerby-dist/README.md | 50 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/cc91e4b8/kerby-dist/README.md
----------------------------------------------------------------------
diff --git a/kerby-dist/README.md b/kerby-dist/README.md
index e246956..b2e1e8b 100644
--- a/kerby-dist/README.md
+++ b/kerby-dist/README.md
@@ -168,3 +168,53 @@ The resulting tickets will have the client name WELLKNOWN/ANONYMOUS@WELLKNOWN:AN
 [2]http://k5wiki.kerberos.org/wiki/Pkinit_configuration
 
 
+## 3. Run remote kadmin steps
+#### 1. Generate libraries for distribution:
+```
+mvn package -Pdist
+```
+
+#### 2. Run kdcinit:
+```
+cd kerby-dist/kdc-dist
+sh bin/kdcinit.sh [server-conf-dir] [keytab]
+```
+The admin principal will be exported into [keytab], it will be used by kadmin tool for the
authentication. 
+
+#### 3. Start kerby-kdc-server:
+```
+cd kerby-dist/kdc-dist
+sh bin/start-kdc.sh [server-conf-dir] [work-dir]
+```
+
+#### 4. Run kadmin server
+```
+cd kerby-dist/kdc-dist
+sh bin/admin-server.sh [admin-server-conf-dir]
+```
+An example of adminClient.conf:
+```
+[libdefaults]
+    default_realm = EXAMPLE.COM
+    admin_port = 65417
+    keytab_file = admin.keytab
+    protocol = adminprotocol
+    server_name = localhost
+```
+The keytab_file is the keytab file path created by the kdcinit.
+
+#### 5. Run remote kadmin client to add or delete principals:
+```
+cd kerby-dist/kdc-dist
+sh bin/remote-admin-client.sh [admin-client-conf-dir]
+```
+An example of adminServer.conf:
+```
+[libdefaults]
+    default_realm = EXAMPLE.COM
+    admin_port = 65417
+    keytab_file = protocol.keytab
+    protocol = adminprotocol
+    server_name = localhost
+```
+The keytab_file is the keytab file path created by the kdcinit.


Mime
View raw message