• Common Maintenance Tasks
• Adding an admin principal

On all KDCs:

1. Open  /etc/heimdal-kdc/kadmind.acl 

2. Add "$NEWUSER/admin@CLUB.CC.CMU.EDU all *@CLUB.CC.CMU.EDU" and "$NEWUSER/admin@CLUB.CC.CMU.EDU all */*@CLUB.CC.CMU.EDU" to the file above the line for contribkey@CLUB.CC.CMU.EDU

On all KDCs and fileservers (make sure you modify the AFS server/UserList on all of them!):

/etc/openafs/server/UserList

On any one machine with an afs client, as admin, run:

pts cu $NEWUSER.admin 
pts adduser $NEWUSER.admin system:administrators

CategoryAccountManagement