The functions kadm5_create_principal(), kadm5_modify_principal(), and kadm5_modify_principal() allow to specify special attributes using a bitfield. The symbols are defined below:
| constant | 
|---|
| KRB5_KDB_DISALLOW_POSTDATED | 
| KRB5_KDB_DISALLOW_FORWARDABLE | 
| KRB5_KDB_DISALLOW_TGT_BASED | 
| KRB5_KDB_DISALLOW_RENEWABLE | 
| KRB5_KDB_DISALLOW_PROXIABLE | 
| KRB5_KDB_DISALLOW_DUP_SKEY | 
| KRB5_KDB_DISALLOW_ALL_TIX | 
| KRB5_KDB_REQUIRES_PRE_AUTH | 
| KRB5_KDB_REQUIRES_HW_AUTH | 
| KRB5_KDB_REQUIRES_PWCHANGE | 
| KRB5_KDB_DISALLOW_SVR | 
| KRB5_KDB_PWCHANGE_SERVER | 
| KRB5_KDB_SUPPORT_DESMD5 | 
| KRB5_KDB_NEW_PRINC |