#include <com_err.h>
+#define KRB5_DEPRECATED 1
+#define KRB5_PRIVATE 1
+
#ifdef KRB4
#include <des.h>
#include <kadm.h>
#ifdef KRB5
#include <kadm5/admin.h>
#include <krb5.h>
-#include <krb.h>
krb5_context context;
#endif
void *kadm_server_handle = NULL;
kadm5_ret_t status;
kadm5_principal_ent_rec princ;
+ kadm5_policy_ent_rec defpol;
kadm5_config_params realm_params;
char admin_princ[256];
+ long mask = 0;
#ifdef KERBEROS_TEST_REALM
char ubuf[256];
realm_params.mask = 0;
#endif
+ memset(&princ, 0, sizeof(princ));
+
status = krb5_parse_name(context, username, &(princ.principal));
if (status)
return status;
if (status)
goto cleanup;
- status = kadm5_create_principal(kadm_server_handle, &princ,
- KADM5_PRINCIPAL, password);
+ /* Assign "default" policy if it exists. */
+ if (!kadm5_get_policy(kadm_server_handle, "default", &defpol))
+ {
+ princ.policy = "default";
+ mask |= KADM5_POLICY;
+ (void) kadm5_free_policy_ent(kadm_server_handle, &defpol);
+ }
+
+ mask |= KADM5_PRINCIPAL;
+ status = kadm5_create_principal(kadm_server_handle, &princ, mask, password);
cleanup:
krb5_free_principal(context, princ.principal);
unsigned long *lkey = (unsigned long *)key;
if ((status = krb_get_svc_in_tkt(MOIRA_SNAME, shorthostname, realm,
- PWSERV_NAME, KADM_SINST, 1, KEYFILE)))
+ PWSERV_NAME, KADM_SINST, 3, KEYFILE)))
return status;
if ((status = kadm_init_link(PWSERV_NAME, KADM_SINST, realm)) !=