KRB$ADMIN_HELP.HLB  —  CREATE  PRINCIPAL
      principal_name

      The CREATE PRINCIPAL command is used to create a principal entry.

1  –  Qualifiers

2    /PASSWORD

        /PASSWORD=password

        Specifies the password for the created principal.

3    /POLICY

        /POLICY[=policy]
        /[NO]POLICY (default)

        Specifies the policy for the created principal.

4    /EXPIRATION

        /EXPIRATION=date-time

        Specifies the expiration for the created principal.

5    /PWD_EXPIRATION

        /PWD_EXPIRATION=date-time

        Specifies the expiration for the created principal's password.

6    /TICKET_LIFETIME

        /TICKET_LIFETIME=(field [,...])

        Specifies the ticket lifetime for the created principal.

6.1  –  Fields

        MAX:delta-time

        Specifies the maximum ticket lifetime for the created principal.

7    /RENEWAL_LIFETIME

        /RENEWAL_LIFETIME=(field [,...])

        Specifies the ticket renewal lifetime for the created principal.

7.1  –  Fields

        MAX:delta-time

        Specifies the maximum ticket renewal lifetime for the created
        principal.

8    /KEY_VERSION

        /KEY_VERSION=number

        Specifies the key version number associated with the created
        principal.  This value must be in the range of 0 through 255.

9    /RANDOM

        /RANDOM

        Specifies the random key generation for the created principal.

10    /ATTRIBUTES

        /ATTRIBUTES=([NO]attrname[,...])

        Specifies the attributes associtated with the created principal.

        Keyword               Description

        DISALLOW_POSTDATED    Disallows postdated tickets for this
                              principal.
        DISALLOW_FORWARDABLE  Disallows forwardable tickets for this
                              principal.
        DISALLOW_TGT_BASED    Disallows Ticket-Granting-Service based
                              issuances for this server.
        DISALLOW_RENEWABLE    Disallows renewable tickets for this
                              principal.
        DISALLOW_PROXIABLE    Disallows proxiable tickets for this
                              principal.
        DISALLOW_DUP_SKEY     Disallows duplicate SKEY for this
                              principal.
        DISALLOW_ALL_TIX      Disallows all tickets for this principal.
                              The client or server is locked out.
        REQUIRES_PRE_AUTH     Pre-Authentication is required for this
                              principal.
        REQUIRES_HW_AUTH      Hardware Pre-Authentication is required for
                              this principal.
        REQUIRES_PWCHANGE     Password change is required for this
                              principal.
        DISALLOW_SVR          Disallows service on this server.
        PWCHANGE_SERVICE      The server provides password changing
                              service.
        SUPPORT_DESMD5        RSA-MD5 with DES cbc mode is supported by
                              this principal.

11  –  Examples

      KerberosAdmin> Create Principal TestPrincipal /Password=NewPassword

      Requests the creation of a new principal.
Close Help