Enhance README with instructions for using kadmin remotely and locally
This commit is contained in:
@@ -168,7 +168,25 @@ kdestroy
|
|||||||
|
|
||||||
## Managing principals
|
## Managing principals
|
||||||
|
|
||||||
Exec into the running container to use `kadmin.local` (no password required):
|
### Remote (kadmin)
|
||||||
|
|
||||||
|
`kadmin` connects to `kadmind` on port 749 from any machine with a valid `krb5.conf`. Authenticate as a principal with rights in `kadm5.acl`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
kadmin -p admin@REALM
|
||||||
|
```
|
||||||
|
|
||||||
|
With a keytab instead of a password prompt:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
kadmin -p admin@REALM -k -t /path/to/admin.keytab
|
||||||
|
```
|
||||||
|
|
||||||
|
All commands below work identically in `kadmin` — replace `kadmin.local` with `kadmin -p admin@REALM`.
|
||||||
|
|
||||||
|
### Local (kadmin.local)
|
||||||
|
|
||||||
|
Exec into the running container — no authentication required, bypasses `kadmind` entirely:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
container exec -it kerberos bash
|
container exec -it kerberos bash
|
||||||
|
|||||||
Reference in New Issue
Block a user