Provided by: krb5-wallet-server_1.7_all bug

NAME
       Wallet::Kadmin::MIT - Wallet Kerberos administration API for MIT


SYNOPSIS
           my $kadmin = Wallet::Kadmin::MIT->new;
           $kadmin->create ('host/foo.example.com');
           my $data = $kadmin->keytab_rekey ('host/foo.example.com',
                                             'aes256-cts-hmac-sha1-96');
           $data = $kadmin->keytab ('host/foo.example.com');
           my $exists = $kadmin->exists ('host/oldshell.example.com');
           $kadmin->destroy ('host/oldshell.example.com') if $exists;


DESCRIPTION
       Wallet::Kadmin::MIT implements the Wallet::Kadmin API for MIT Kerberos, providing an interface to create
       and delete principals and create keytabs.  It provides the API documented in Wallet::Kadmin for an MIT
       Kerberos KDC.

       MIT Kerberos does not provide any method via the kadmin network protocol to retrieve a keytab for a
       principal without rekeying it, so the keytab() method (as opposed to keytab_rekey(), which rekeys the
       principal) is implemented using a remctl backend.  For that method (used for unchanging keytab objects)
       to work, the necessary wallet configuration and remctl interface on the KDC must be set up.

       To use this class, several configuration parameters must be set.  See "KEYTAB OBJECT CONFIGURATION" in
       Wallet::Config for details.


FILES
       KEYTAB_TMP/keytab.<pid>
           The  keytab  is  created  in  this  file  and then read into memory.  KEYTAB_TMP is set in the wallet
           configuration, and <pid> is the process ID of the current process.  The file is unlinked after  being
           read.


LIMITATIONS
       Currently,  this  implementation  calls an external kadmin program rather than using a native Perl module
       and therefore requires kadmin be installed and parses its output.  It may miss some error  conditions  if
       the output of kadmin ever changes.


SEE ALSO
       kadmin(8), Wallet::Config(3), Wallet::Kadmin(3), Wallet::Object::Keytab(3), wallet-backend(8)

       This   module   is   part   of   the   wallet   system.    The   current   version   is   available  from
       <https://www.eyrie.org/~eagle/software/wallet/>.


AUTHORS
       Russ Allbery <eagle@eyrie.org> and Jon Robertson <jonrober@stanford.edu>.

perl v5.40.0                                       2024-11-12                           Wallet::Kadmin::MIT(3pm)