|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
System Administration Commands gsscred(1M)
NAME
gsscred - add, remove and list gsscred table entries
SYNOPSIS
gsscred [ -n user [-o oid] [-u uid]] [-c comment] -m mech
-a
gsscred [ -n user [-o oid]] [-u uid] [-m mech] -r
gsscred [ -n user [-o oid]] [-u uid] [-m mech] -l
DESCRIPTION
The gsscred utility is used to create and maintain a mapping
between a security principal name and a local UNIX uid. The
format of the user name is assumed to be GSS_C_NT_USER_NAME.
You can use the -o option to specify the object identifier
of the name type. The OID must be specified in dot-separated
notation, for example: 1.2.3.45464.3.1
The gsscred table is used on server machines to lookup the
uid of incoming clients connected using RPCSEC_GSS.
When adding users, if no user name is specified, an entry is
created in the table for each user from the passwd table. If
no comment is specified, the gsscred utility inserts a com-
ment that specifies the user name as an ASCII string and the
GSS-APIsecurity mechanism that applies to it. The security
mechanism will be in string representation as defined in the
/etc/gss/mech file.
The parameters are interpreted the same way by the gsscred
utility to delete users as they are to create users. At
least one of the following options must be specified: -n,
-u, or -m. If no security mechanism is specified, then all
entries will be deleted for the user identified by either
the uid or user name. If only the security mechanism is
specified, then all user entries for that security mechanism
will be deleted.
Again, the parameters are interpreted the same way by the
gsscred utility to search for users as they are to create
users. If no options are specified, then the entire table is
returned. If the user name or uid is specified, then all
entries for that user are returned. If a security mechanism
is specified, then all user entries for that security
mechanism are returned.
OPTIONS
-a Add a table entry.
SunOS 5.10 Last change: 11 Feb 2004 1
System Administration Commands gsscred(1M)
-c comment Insert comment about this table entry.
-l Search table for entry.
-m mech Specify the mechanism for which this name is
to be translated.
-n user Specify the optional principal name.
-o oid Specify the OID indicating the name type of
the user.
-r Remove the entry from the table.
-u uid Specify the uid for the user if the user is
not local.
EXAMPLES
Example 1: Creating a gsscred Table for the Kerberos v5
Security Mechanism
The following shows how to create a gsscred table for the
kerberos v5 security mechanism. gsscred obtains user names
and uid's from the passwd table to populate the table.
example% gsscred -m kerberos_v5 -a
Example 2: Adding an Entry for root/host1 for the Kerberos
v5 Security Mechanism
The following shows how to add an entry for root/host1 with
a specified uid of 0 for the kerberos v5 security mechanism.
example% gsscred -m kerberos_v5 -n root/host1 -u 0 -a
Example 3: Listing All User Mappings for the Kerberos v5
Security Mechanism
SunOS 5.10 Last change: 11 Feb 2004 2
System Administration Commands gsscred(1M)
The following lists all user mappings for the kerberos v5
security mechanism.
example% gsscred -m kerberos_v5 -l
Example 4: Listing All Mappings for All Security Mechanism
for a Specified User
The following lists all mappings for all security mechanisms
for the user bsimpson.
example% gsscred -n bsimpson -l
EXIT STATUS
The following exit values are returned:
0 Successful completion.
>0 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWgss |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
SEE ALSO
gssd(1m), See gsscred.conf(4), attributes(5)
NOTES
Some GSS mechanisms, such as kerberos_v5, provide their own
authenticated-name-to-local-name (uid) mapping and thus do
not usually have to be mapped using gsscred. See
gsscred.conf(4) for more information.
SunOS 5.10 Last change: 11 Feb 2004 3
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:26:02 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5334 hits)
(openSUSE 10.2)
svn man page (5209 hits)
(FreeBSD 6.2)
adv_cap_autoneg man page (4870 hits)
(Solaris 10 11_06)
CPAN man page (4607 hits)
(Suse Linux 10.1)
ssh man page (4342 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2884 hits)
(Solaris 10 11_06)
netcat man page (2717 hits)
(Suse Linux 10.1)
pprosetup man page (2492 hits)
(Solaris 10 11_06)
startproc man page (2471 hits)
(Suse Linux 10.1)
signal man page (2408 hits)
(Suse Linux 10.1)
|
Man Pages 
