keytab remove

keytab remove keytab_name_list -member principal_name_list
[-version key_version] [-type key_type] [-noprivacy] [-local]

Options

-member principal_name_list
Specifies a list of one or more principal names of members to be removed from the key table.

-version key_version
Specifies a version number for the key.

-type key_type
Specifies whether the key is a des (data encryption standard) key or a plain key.

-noprivacy
Specifies that key tables are sent over the network unencrypted.

-local
Specifies that the remove operation operates on local files only.

Description
The keytab remove operation removes a member from a key table. The argument is a list of names of key tables from which to remove members. The value of the required -member option is a list of names of principals to be removed from the key tables listed in the argument. The two options -version and -type can be used to limit the keys removed. If either or both of these options is present, then only keys matching the values of these options are removed. The value of the -version option can be a list of version numbers. Returns an empty string on success.

Privileges Required
You must have x (execute) permission to the keytab object on the host.

Examples
The following example removes all des keys for principal D_Britt:

dcecp> keytab remove <keytabname> -member D_Britt -type des
dcecp>