Enhance README with instructions for using kadmin remotely and locally

2026-05-16 14:50:44 +02:00
parent 7d990d520b
commit f75db61578
1 changed files with 19 additions and 1 deletions
@@ -168,7 +168,25 @@ kdestroy

 ## Managing principals

-Exec into the running container to use `kadmin.local` (no password required):
+### Remote (kadmin)
+
+`kadmin` connects to `kadmind` on port 749 from any machine with a valid `krb5.conf`. Authenticate as a principal with rights in `kadm5.acl`:
+
+```bash
+kadmin -p admin@REALM
+```
+
+With a keytab instead of a password prompt:
+
+```bash
+kadmin -p admin@REALM -k -t /path/to/admin.keytab
+```
+
+All commands below work identically in `kadmin` — replace `kadmin.local` with `kadmin -p admin@REALM`.
+
+### Local (kadmin.local)
+
+Exec into the running container — no authentication required, bypasses `kadmind` entirely:

 ```bash
 container exec -it kerberos bash