On 07/22/2017 12:55 PM, Michael Ströder wrote:
> Are there more complex kadm5.acl examples out there leveraging more complex naming
> schemes for principal instances and realms? Or even more detailed presentations/docs?
You could look at the ACL file written by the automated test script:
Nice to hear that. It would be great to have a kadmin authorization plugin which asks an
external demon (e.g. over Unix domain socket) for the authorization information. So one
would not have to write C plugins.