void *kadm_server_handle = NULL;
kadm5_ret_t status;
kadm5_principal_ent_rec princ;
+ kadm5_policy_ent_rec defpol;
kadm5_config_params realm_params;
char admin_princ[256];
+ long mask = 0;
#ifdef KERBEROS_TEST_REALM
char ubuf[256];
realm_params.mask = 0;
#endif
+ memset(&princ, 0, sizeof(princ));
+
status = krb5_parse_name(context, username, &(princ.principal));
if (status)
return status;
if (status)
goto cleanup;
- status = kadm5_create_principal(kadm_server_handle, &princ,
- KADM5_PRINCIPAL, password);
+ /* Assign "default" policy if it exists. */
+ if (!kadm5_get_policy(kadm_server_handle, "default", &defpol))
+ {
+ princ.policy = "default";
+ mask |= KADM5_POLICY;
+ (void) kadm5_free_policy_ent(kadm_server_handle, &defpol);
+ }
+
+ mask |= KADM5_PRINCIPAL;
+ status = kadm5_create_principal(kadm_server_handle, &princ, mask, password);
cleanup:
krb5_free_principal(context, princ.principal);