Hi,
We have a few machines that joined a FreeIPA instance. We use NFSv4 + kerberos to mount home directories.
However, if the user do not log on to the machine for more than 7 days, and he leaves a job executing and that writes to some file on his home directory, the cpu usage of the machine goes up to the sky and the machine gets almost unusable.
Is there a good strategy to fetch new TGT's when near expiration? I know some users generate a key tab (or fetch them using ipa-getkeytab) to automate a kinit, but I wonder if we could come with a system-wide solution that doesn't lead to storing key tabs around.
Any tips for that? Best, -- Francis Augusto Medeiros-Logeay Oslo, Norway _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
