diff --git a/lib/kadm5/create_c.c b/lib/kadm5/create_c.c
index 391d02e5e..b029344ff 100644
--- a/lib/kadm5/create_c.c
+++ b/lib/kadm5/create_c.c
@@ -39,7 +39,7 @@ kadm5_ret_t
 kadm5_c_create_principal(void *server_handle,
 			 kadm5_principal_ent_t princ, 
 			 u_int32_t mask,
-			 char *password)
+			 const char *password)
 {
     kadm5_client_context *context = server_handle;
     kadm5_ret_t ret;
diff --git a/lib/kadm5/dump_log.c b/lib/kadm5/dump_log.c
index ec3f47cdd..d7b644a36 100644
--- a/lib/kadm5/dump_log.c
+++ b/lib/kadm5/dump_log.c
@@ -36,7 +36,7 @@
 
 RCSID("$Id$");
 
-static char *op_names[] = {
+static const char *op_names[] = {
     "get",
     "delete",
     "create",
@@ -214,7 +214,7 @@ print_entry(kadm5_server_context *server_context,
 }
 
 static char *realm;
-static char *config_file;
+static const char *config_file;
 static int version_flag;
 static int help_flag;
 
diff --git a/lib/kadm5/kadm5-pwcheck.h b/lib/kadm5/kadm5-pwcheck.h
index e5c4effbe..96aff1485 100644
--- a/lib/kadm5/kadm5-pwcheck.h
+++ b/lib/kadm5/kadm5-pwcheck.h
@@ -59,15 +59,15 @@ typedef int
 				   size_t length);
 
 struct kadm5_pw_policy_check_func {
-    char *name;
+    const char *name;
     kadm5_passwd_quality_check_func func;
 };
 
 struct kadm5_pw_policy_verifier {
-    char *name;
+    const char *name;
     int version;
-    char *vendor;
-    struct kadm5_pw_policy_check_func *funcs;
+    const char *vendor;
+    const struct kadm5_pw_policy_check_func *funcs;
 };
 
 #endif /* KADM5_PWCHECK_H */
diff --git a/lib/kadm5/password_quality.c b/lib/kadm5/password_quality.c
index 5763718a8..2fe9182cc 100644
--- a/lib/kadm5/password_quality.c
+++ b/lib/kadm5/password_quality.c
@@ -89,7 +89,7 @@ char_class_passwd_quality (krb5_context context,
 			   char *message,
 			   size_t length)
 {
-    char *classes[] = {
+    const char *classes[] = {
 	"ABCDEFGHIJKLMNOPQRSTUVWXYZ",
 	"abcdefghijklmnopqrstuvwxyz",
 	"1234567890",
@@ -409,10 +409,10 @@ kadm5_add_passwd_quality_verifier(krb5_context context,
  *
  */
 
-static struct kadm5_pw_policy_check_func *
+static const struct kadm5_pw_policy_check_func *
 find_func(krb5_context context, const char *name)
 {
-    struct kadm5_pw_policy_check_func *f;
+    const struct kadm5_pw_policy_check_func *f;
     char *module = NULL;
     const char *p, *func;
     int i;
@@ -456,7 +456,7 @@ kadm5_check_password_quality (krb5_context context,
 			      krb5_principal principal,
 			      krb5_data *pwd_data)
 {
-    struct kadm5_pw_policy_check_func *proc;
+    const struct kadm5_pw_policy_check_func *proc;
     static char error_msg[1024];
     const char *msg;
     char **v, **vp;