friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/kdestroy.htm

147 lines
8.9 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="kdestroy" />
<meta name="abstract" content="The Qshell command kdestroy destroys a Kerberos credentials cache." />
<meta name="description" content="The Qshell command kdestroy destroys a Kerberos credentials cache." />
<meta name="DC.Relation" scheme="URI" content="rzakhdeletecred.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="kdestroy" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>kdestroy</title>
</head>
<body id="kdestroy"><a name="kdestroy"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">kdestroy</h1>
<div><p>The Qshell command <span class="cmdname">kdestroy</span> destroys a Kerberos
credentials cache.</p>
<div class="section"><h4 class="sectiontitle">Syntax</h4><p><tt>kdestroy [-c cache_name] [-e time_delta]</tt> </p>
<p>Default
public authority: *USE</p>
<p>The Qshell command <span class="cmdname">kdestroy</span> destroys
a Kerberos credentials cache.</p>
</div>
<div class="section"><h4 class="sectiontitle">Options</h4><dl><dt class="dlterm">-c cache_name</dt>
<dd>The name of the credentials cache to be destroyed. If no command options
are specified, the default credentials cache is destroyed. This option is
mutually exclusive with the <tt>-e</tt> option. </dd>
<dt class="dlterm">-e time_delta</dt>
<dd>All credentials cache files that contain expired tickets are deleted if
the tickets have been expired at least as long as the <tt>time_delta</tt> value. </dd>
</dl>
</div>
<div class="section"><h4 class="sectiontitle">Authorities</h4><p>When the credentials cache is of type <strong>FILE</strong> (see <strong>krb5_cc_resolve()</strong> for
more information about cache types), the default behavior is that the credentials
cache file is created in the <span class="filepath">/QIBM/UserData/OS400/NetworkAuthentication/creds</span> directory.
The placement of the credentials cache file can be changed by setting the
KRB5CCNAME environment variable.</p>
<p>If the credentials cache file does
not reside in the default directory, the following authorities are required:</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><thead align="left"><tr><th align="left" valign="bottom" width="33.33333333333333%" id="d0e72">Object Referred to</th>
<th align="left" valign="bottom" width="33.33333333333333%" id="d0e74">Data Authority Required</th>
<th align="left" valign="bottom" width="33.33333333333333%" id="d0e76">Object Authority Required</th>
</tr>
</thead>
<tbody><tr><td align="left" valign="top" width="33.33333333333333%" headers="d0e72 ">Each directory in the path name preceding
the credentials cache file</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e74 ">*X</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e76 ">None</td>
</tr>
<tr><td align="left" valign="top" width="33.33333333333333%" headers="d0e72 ">Parent directory of the credentials cache
file</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e74 ">*WX</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e76 ">None</td>
</tr>
<tr><td align="left" valign="top" width="33.33333333333333%" headers="d0e72 ">Credentials cache file</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e74 ">*RW</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e76 ">*OBJEXIST</td>
</tr>
<tr><td align="left" valign="top" width="33.33333333333333%" headers="d0e72 ">Each directory in the paths to the configuration
files</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e74 ">*X</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e76 ">None</td>
</tr>
<tr><td align="left" valign="top" width="33.33333333333333%" headers="d0e72 ">Configuration files</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e74 ">*R</td>
<td align="center" valign="top" width="33.33333333333333%" headers="d0e76 ">None</td>
</tr>
</tbody>
</table>
</div>
<p>If the credentials cache file resides in the default directory,
the following authorities are required:</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><thead align="left"><tr><th align="left" valign="bottom" width="55.55555555555556%" id="d0e123">Object Referred to</th>
<th align="left" valign="bottom" width="17.46031746031746%" id="d0e125">Data Authority Required</th>
<th align="left" valign="bottom" width="26.984126984126984%" id="d0e127">Object Authority Required</th>
</tr>
</thead>
<tbody><tr><td align="left" valign="top" width="55.55555555555556%" headers="d0e123 ">All directories in the path name</td>
<td align="center" valign="top" width="17.46031746031746%" headers="d0e125 ">*X</td>
<td align="center" valign="top" width="26.984126984126984%" headers="d0e127 ">None</td>
</tr>
<tr><td align="left" valign="top" width="55.55555555555556%" headers="d0e123 ">Credentials cache file</td>
<td align="center" valign="top" width="17.46031746031746%" headers="d0e125 ">*RW</td>
<td align="center" valign="top" width="26.984126984126984%" headers="d0e127 ">None</td>
</tr>
<tr><td align="left" valign="top" width="55.55555555555556%" headers="d0e123 ">Each directory in the paths to the configuration
files</td>
<td align="center" valign="top" width="17.46031746031746%" headers="d0e125 ">*X</td>
<td align="center" valign="top" width="26.984126984126984%" headers="d0e127 ">None</td>
</tr>
<tr><td align="left" valign="top" width="55.55555555555556%" headers="d0e123 ">Configuration files</td>
<td align="center" valign="top" width="17.46031746031746%" headers="d0e125 ">*R</td>
<td align="center" valign="top" width="26.984126984126984%" headers="d0e127 ">None</td>
</tr>
</tbody>
</table>
</div>
<p>To enable the Kerberos protocol to find your credentials cache
file from any running process, the name of the cache file is normally stored
in the home directory in a file named krb5ccname. A user wishing to use Kerberos
authentication on the iSeries™ must have a home directory defined. By default
the home directory is<span class="filepath">/home/</span>. This file is used to find
the default credentials cache if no command options are specified. The storage
location of the cache file name can be overridden by setting the environment
variable _EUV_SEC_KRB5CCNAME_FILE. To access this file, the user profile must
have <strong>*X</strong> authority to each directory in the path and <strong>*R</strong> authority
to the file where the cache file name is stored.</p>
</div>
<div class="section"><h4 class="sectiontitle">Messages</h4><ul><li>Unable to resolve credentials cache <em>cache_file_name</em>.</li>
<li>Unable to destroy credentials cache <em>cache_file_name</em>.</li>
<li>The <em>function_name</em> function detects an error.</li>
<li>Unable to retrieve ticket from credentials cache <em>file_name</em>.</li>
<li>The <em>option_name</em> option requires a value.</li>
<li><em>command_option</em> is not a valid command option.</li>
<li><em>command_option_one</em> and <em>command_option_two</em> may not be specified
together.</li>
<li>No default credentials cache found.</li>
<li>Time delta value <em>value</em> is not valid.</li>
</ul>
</div>
<div class="example"><p>For an example of how this command is used, see <a href="rzakhdeletecred.htm#rzakhdeletecred">Delete expired credentials cache files</a>.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhdeletecred.htm" title="The kdestroy command deletes a Kerberos credentials cache file. Users need to periodically delete old credentials by using thekdestroy command.">Delete expired credentials cache files</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink