Creating user principals on the Kerberos server

 

For users to be authenticated to services in your network, add them to the Kerberos server as principals. A principal is the Kerberos term for a user name and password. These principals are stored on the Kerberos server and are used to validate users in the network. Complete the following steps to create user principals:

  1. In a character-based interface, type call QP2TERM at the command line. This command opens an interactive shell environment that allows you to work with i5/OS® PASE applications.

  2. At the command line, enter export PATH=$PATH:/usr/krb5/sbin. This command points to the Kerberos scripts that are necessary to run the executable files.

  3. At the command line, enter kadmin -p admin/admin, and press Enter.

  4. Sign in with administrator's password. For example, secret.

  5. At the kadmin prompt, enter addprinc -pw 123day day.
After you complete these steps, you will receive a message that reads: 
Principal "day@MYCO.COM" created.
This creates the user principal for John Day.

Repeat these steps for Karen Jones, but specify jones for the principal name and 123jones for the password.

 

Parent topic:

Scenario: Setting up a Kerberos server in i5/OS PASE
Previous topic: Creating host principals for Windows 2000 and Windows XP workstations
Next topic: Adding System A service principal to the Kerberos server