next up previous contents
Next: Policies and Password Quality Up: Kerberos Administration System KADM5 Previous: Introduction   Contents

Versions of the API

The versions of this API and a brief description of the changes for each are:

KADM5_API_VERSION_1
The initial version of this API, written by OpenVision Technologies and donated to MIT for including in the public release. Originally called OVSEC_KADM_API_VERSION_1. Most everything has been renamed in one way or another, including functions, header files, and data structures. Where possible, the old OVSEC_KADM names have been left behind for compatibility with version 1, and KADM5_API_VERSION_1 is compatible with OVSEC_KADM_API_VERSION_1 at compile-, link-, and run-time.

The OVSEC_KADM name compatibility will not be extended to new functionality in future versions because no existing OVSEC_KADM clients will use that functionality; new clients should be written to the KADM5 API.

KADM5_API_VERSION_2
This version contains the initial changes necessary to make the OpenVision administration system work with the mid-1996 MIT version of Kerberos 5. Changes include
  1. The kadm5_init functions now take a structure of parameters instead of just a realm name, allowing the calling program to specify non-default values for various configuration options. See section 4.3 for details.

  2. The KADM5 API has been extended to support new features of the Kerberos database, including multiple encryption and salt types per principal. See section 4.4 for details.

  3. kadm5_get_principal now allows a principal's keys to be retrieved by local clients only. This is necessary in order for the kadm5 API to provide the primary Kerberos database interface.

  4. The KADM5 authorization system has been completely changed.

  5. The functions kadm5_flush, kadm5_get_principals, and kadm5_get_policies have been added.

  6. The KADM5 API now obeys a caller-allocates rather than callee-allocates system. kadm5_get_principal and kadm5_get_policy are affected.


next up previous contents
Next: Policies and Password Quality Up: Kerberos Administration System KADM5 Previous: Introduction   Contents
Autobuild 2006-06-16