classes in it.
\item[pw_history_num] The number of past passwords that are
-stored for the principal; its maximum value is 10. A principal cannot
-set its password to any of its previous pw_history_num passwords.
+stored for the principal; the minimum value is 1 and the maximum value
+is 10. A principal cannot set its password to any of its previous
+pw_history_num passwords. The first ``previous'' password is the
+current password; thus, a principal with a policy can never reset its
+password to its current value.
\item[policy_refcnt] The number of principals currently using this policy.
A policy cannot be deleted unless this number is zero.
\item Check to see if source principal exists, if not return
OVSEC_KADM_UNK_PRINC error.
\item Check to see if target exists, if so return OVSEC_KADM_DUP error.
-\item Rename principal.
+\item Create the new principal named target, then delete the old
+principal named source. All of target's fields will be the same as
+source's fields, except that mod_name and mod_date will be updated to
+reflect the current caller and time.
\end{enumerate}
Note that since the principal name may have been used as the salt for