uxconsole -krb Perform Kerberos Operations
Valid on UNIX
capamsc141
Valid on UNIX
Use this command to perform Kerberos operations from the UNIX Authentication Broker endpoint. For example, creating tickets. You do not need to install Kerberos on the endpoint to perform Kerberos operations.
This command has the following format:
uxconsole -krb [-init | -list | -passwd | -vno | -destroy |-resolve]
- -initSpecifies to obtain and cache a ticket.
- -listDisplays the content of a credentials cache or keytab.
- -passwdSpecifies that an Active Directory user can modify password directly in the Active Directory on the end point using Kerberos protocol. To change the password, UNAB need not run on the endpoint. The passwd command also allows a user with sufficient Active Directory privileges to reset password of another user. That is, a user performs an administrative change without the need to do it on Windows.uxconsole -krb -passwd [-i kcf] [-h] [principal]uxconsole -krb -passwd -a admin [-i kcf] principal
- -i kcfSpecifies that the Kerberos configuration is used from a file named "kcf".
- -hSpecifies the help screen.
- -aSpecifies that an admin authenticates to the Active Directory as admin and changes the password for a principal.Note:An account admin must have appropriate privileges in the Active Directory.
- principalSpecifies the principal that is known to the Active Directory. A principal name is required when the user is not located in the registration domain.
- -vnoDisplays the key version number for Kerberos principals.
- -destroySpecifies to destroy the credentials cache.
- -resolveSpecifies to resolve a host name or IP address.
Example: Obtain a Ticket Granting Ticket (TGT) using UNIX Authentication Broker keytab
The following example shows how you obtain a TGT using UNIX Authentication Broker keytab:
./uxconsole -krb -init -k
Example: List the content of the credentials cache
The following example shows how you list the content of the credentials cache:
./uxconsole -krb -list
Example: List the content of the keytab with encryption data
The following example shows how to display the content of the keytab including available encryption information:
./uxconsole -krb -list -keytab