mkkrb5clnt command

Purpose

Configures a Kerberos client.

Syntax

mkkrb5clnt -h | -r <realm> { -c <KDC> -s <server> | -l {ldapserver | ldapserver:port} [-c <KDC> -s<server>] } [-a<admin> ] -d <domain> [-A] [-i <database>] [-K] [-T] | -i <database> | -U [-a <admin>]

Description

The mkkrb5clnt command configures a Kerberos client.

Flags

-h	Specifies that the command will only display the valid command syntax
-c KDC	Specifies the KDC server
-r realm	Specifies the full realm name for which the Kerberos client is to be configured.
-s server	Specifies the fully qualified host name for Kerberos admin server
-U	Undo the setup from the previous configuration command
-a admin	Specifies the principal name of the Kerberos server admin
-d domain	Specifies the complete domain name for the Kerberos client
-A	Specifies root to be added as a Kerberos administrative user
-i database	Configures integrated Kerberos authentication
-K	Specifies Kerberos to be configured as the default authentication scheme
-T	Specifies the flag to acquire the server administration TGT based administration ticket.
-l ldapserver \| ldapserver:port	For clients, specifies the LDAP directory server to use for Administration server and KDC discovery using LDAP. If the -l flag is used, then the KDC and server flags are optional. If the -l option is not used, the KDC and server flags must be specified. The port number can optionally be specified.

Exit Status

Return code	Description
0	Success
1	Invalid flag, argument, or command failure

Examples

To display the command syntax, type the following command:
```
mkkrb5clnt -h
```
To configure testbox.com as the client, make root as the server admin, configure integrated login, configure Kerberos as default authentication scheme, type the following command:
```
mkkrb5clnt -c bob.kerberso.com -r KERBER.COM -s bob.kerberso.com -d testbox.com 
 -A -i files -K -T
```