Next: , Previous: Retrieving the List of Policies, Up: Policies


5.4.3 Adding or Modifying Policies

To add a new policy, use the kadmin add_policy command, which requires the “add” administrative privilege. The syntax is: 

     add_policy [options] policy_name

To modify attributes of a principal, use the kadmin modify_policy command, which requires the “modify” administrative privilege. The syntax is: 

     modify_policy [options] policy_name

add_policy has the alias addpol. modify_poilcy has the alias modpol.

The add_policy and modify_policy commands take the following switches:

-maxlife time
Sets the maximum lifetime of a password to time.
-minlife time
Sets the minimum lifetime of a password to time.
-minlength length
Sets the minimum length of a password to length characters.
-minclasses number
Requires at least number of character classes in a password.
-history number
Sets the number of past keys kept for a principal to number.