friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhnewpswds.htm

90 lines
5.4 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Change Kerberos passwords" />
<meta name="abstract" content="The kpasswd command will change the password for the specified Kerberos principal using the password change service." />
<meta name="description" content="The kpasswd command will change the password for the specified Kerberos principal using the password change service." />
<meta name="DC.Relation" scheme="URI" content="rzakhmanage.htm" />
<meta name="DC.Relation" scheme="URI" content="kpasswd.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhnewpswds" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Change Kerberos passwords</title>
</head>
<body id="rzakhnewpswds"><a name="rzakhnewpswds"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Change Kerberos passwords</h1>
<div><p>The <span class="cmdname">kpasswd</span> command will change the password
for the specified Kerberos principal using the password change service. </p>
<div class="section"><div class="p"> You must supply the current password for the principal as well
as the new password. The password server will apply any applicable password
policy rules to the new password before changing the password. The password
server is configured during the installation and configuration of the Kerberos
server. See the documentation that corresponds with that system. <div class="note"><span class="notetitle">Note:</span> i5/OS™ PASE
does not support a password server. To change a password for a principal stored
on the Kerberos server, you must enter the PASE environment (call QP2TERM)
and issue the kpasswd command. </div>
</div>
<p>During network authentication
service configuration you can specify that name of the password server. If
one has not been specified during configuration, you can <a href="rzakhaddpass.htm#rzakhaddpass">add</a> a
password server.</p>
<p>You may not change the password for a ticket-granting
service principal (krbtgt/realm) using the <span class="cmdname">kpasswd</span> command.</p>
</div>
<ul><li class="stepexpand"><span>To change the password for the default principal:</span><ul><li>On a Qshell command line, enter <tt>kpasswd</tt></li>
<li>On a command line, enter <tt>call qsys/qkrbkpsswd</tt></li>
</ul>
</li>
<li class="stepexpand"><span>To change the password for another principal:</span><ul><li>On a Qshell command line, enter <tt>kpasswd jday@myco.com</tt></li>
</ul>
</li>
<li class="stepexpand"><span>To change the password for another principal in i5/OS PASE:</span> <p><strong>Using a character-based interface</strong></p>
<ol><li class="substepexpand"><span>In a character-based interface, enter <tt>call QP2TERM</tt>.</span> This command opens an interactive shell environment that allows you
to work with i5/OS PASE
applications.</li>
<li class="substepexpand"><span>At the command line, enter <tt>export PATH=$PATH:/usr/krb5/sbin</tt>.</span> This command points to the Kerberos scripts that are necessary to run
the executable files.</li>
<li class="substepexpand"><span>At the QSH prompt, enter <tt>kadmin -p admin/admin</tt>. Press
Enter.</span></li>
<li class="substepexpand"><span>Sign in with your administrator's username and password.</span></li>
<li class="substepexpand"><span>Enter <tt>kpasswd jday@myco.com</tt>. You will be prompted to
change the password for this principal.</span></li>
</ol>
<p><strong>Using a command line</strong></p>
<ol><li><span>On an command line, enter <tt>call qsys/qkrbkpsswd parm ('jday@myco.com')</tt></span></li>
</ol>
</li>
</ul>
<div class="section"><p>For more details on the use of this command, see the <strong>passwd</strong> usage
notes.</p>
</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="kpasswd.htm">kpasswd</a></strong><br />
The Qshell command <span class="cmdname">kpasswd</span> changes a password
for a kerberos principal.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhmanage.htm" title="Manage network authentication service by requesting tickets, working with key table files, and administering host name resolution. You can also work with credentials files and back up configuration files.">Manage network authentication service</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink