[39068] in Kerberos
Creating a principal using the kadmin C API
daemon@ATHENA.MIT.EDU (Lars Francke)
Thu Apr 7 16:24:16 2022
MIME-Version: 1.0
From: Lars Francke <lars.francke@gmail.com>
Date: Thu, 7 Apr 2022 22:19:50 +0200
Message-ID: <CAD-Ua_ifa=vo4PEzy3kx-5FB3J+hhN_2BTuS7O=E+hfudRbV4Q@mail.gmail.com>
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi everyone,
we're trying to create principals and keys using the kadmin C API.
The normal API has some documentation[1] but unfortunately the kadmin API
doesn't have any we could find.
We tried to use kadm5_create_principal_3 and kadm5_randkey_principal_3 but
we seem to be running into an issue. Ideally we'd like to call this
function with a handle (+ context) with an in-memory krb5.conf but that
does not seem to work so we create the files and refer to them in the
profile but kadmin still seems to load (is this related to the
"alt_profile"?) a file from a default location which means it'll use the
wrong connection details.
I am sorry for the vague description, it's been two weeks since we tried
and I only now get around to writing it down. I'm happy to provide more
details.
In general though my question is whether there's a good way (maybe even an
example and/or docs) to programatically create principals and keys using
the kadmin API without resorting to calling kadmin and parsing stdout etc.
Thank you very much for your help.
Cheers,
Lars
[1] <https://web.mit.edu/kerberos/krb5-1.19/doc/appdev/refs/api/index.html>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
