friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhksetup.htm

97 lines
5.7 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Manage Kerberos service entries in LDAP directories" />
<meta name="abstract" content="The ksetup command manages Kerberos service entries in the LDAP server directory." />
<meta name="description" content="The ksetup command manages Kerberos service entries in the LDAP server directory." />
<meta name="DC.Relation" scheme="URI" content="rzakhmanage.htm" />
<meta name="DC.Relation" scheme="URI" content="ksetup.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhksetup" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Manage Kerberos service entries in LDAP directories</title>
</head>
<body id="rzakhksetup"><a name="rzakhksetup"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Manage Kerberos service entries in LDAP directories</h1>
<div><p>The <span class="cmdname">ksetup</span> command manages Kerberos service
entries in the LDAP server directory. </p>
<div class="section"><h4 class="sectiontitle">Purpose</h4><p> The <span class="cmdname">ksetup</span> command manages
Kerberos service entries in the LDAP server directory. The following subcommands
are supported:</p>
<dl><dt class="dlterm">addhost host-name realm-name</dt>
<dd>This subcommand adds a host entry for the specified realm. The fully qualified
host name should be used so that it resolves correctly no matter what default
DNS domain is in effect on the Kerberos clients. If no realm name is specified,
the default realm name is used. </dd>
<dt class="dlterm">addkdc host-name:port-number realm-name</dt>
<dd>This subcommand adds an entry in the Kerberos server for the specified
realm. If a host entry does not already exist, one is created. If a port number
is not specified, it is set to 88 . Use the fully qualified host name so that
it resolves correctly no matter what default DNS domain is in effect on the
Kerberos clients. If no realm name is specified, the default realm name is
used. </dd>
<dt class="dlterm">delhost host-name realm-name</dt>
<dd> This subcommand deletes a host entry and any associated specification
for the Kerberos server from the specified realm. If no realm name is specified,
the default realm name is used. </dd>
<dt class="dlterm">delkdc host-name realm-name</dt>
<dd> This subcommand deletes an entry in the Kerberos server for the specified
host. The host entry itself is not deleted. If no realm name is specified,
the default realm name is used. </dd>
<dt class="dlterm">listhost realm-name</dt>
<dd>This subcommand lists the entries in the Kerberos server for a realm.
If no realm name is specified, the default realm name is used. </dd>
<dt class="dlterm">exit</dt>
<dd>This subcommand ends the ksetup command. </dd>
</dl>
<div class="restriction"><span class="restrictiontitle">Restriction:</span> <img src="./delta.gif" alt="Start of change" />iSeries™ supports LDAP clients in the
character-based interface, but not in i5/OS™ PASE.<img src="./deltaend.gif" alt="End of change" /></div>
</div>
<div class="section"><h4 class="sectiontitle">Examples</h4><p>To add the host, kdc1.myco.com, to the
server, ldapserv.myco.com, as the Kerberos server for realm MYCO.COM, using
an Directory Services (LDAP) administrator ID of Administrator and a password
of verysecret, complete the following steps:</p>
<p>On a Qshell command line,
enter: <tt>ksetup -h ldapserv.myco.com -n CN=Administrator -p verysecret</tt></p>
<p>Or</p>
<ol><li>On an i5/OS control
language (CL) command line, enter: <p><tt>call qsys/qkrbksetup parm('-h' 'ldapserv.myco.com'
'-n' 'CN=Administrator' '-p' 'verysecret')</tt></p>
</li>
<li>When the Directory Services (LDAP) server is successfully contacted, a
subcommand prompt is displayed. Enter <p><tt>addkdc kdc1.myco.com MYCO.COM</tt></p>
</li>
</ol>
<p>See the <strong>ksetup</strong> usage notes on this Qshell command for specifics
on its usage and restrictions.</p>
</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="ksetup.htm">ksetup</a></strong><br />
The Qshell command <span class="cmdname">ksetup</span> manages Kerberos service
entries in the directory server for a Kerberos realm.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhmanage.htm" title="Manage network authentication service by requesting tickets, working with key table files, and administering host name resolution. You can also work with credentials files and back up configuration files.">Manage network authentication service</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink