You are not going to get a ticket lifetime for longer then the initial TGT
(ticket granting ticket) is good for. It is a function of the Kerberos
protocol. You will have to have a password or keyfile(srvtab) if you want
tokens "renewed". Look at the reauth code for examples. it is in:
/afs/transarc.com/public/afs-contrib/tools/{reauth,reauth-example}
If you have a mixed AFS/MIT Kerberos environment I have a similar tool that
uses a srvtab file and pulls the key from their. I mainly use it for
authenticated mail delivery to AFS space as my mailservers are just AFS
clients and I do not want to leave clear text password around. It is in:
/afs/glue.umd.edu/project/glue/kerberos/v4-contrib/ksrvtoken
Randall
On Thu, 20 Jun 1996 [EMAIL PROTECTED] wrote:
: I have a program which tries to renew the token for a group
: of processes with a common PAG; it is simply executed by
: one of the processes. The operative bit of the code is this:
:
: ka_Init(0);
: ka_GetAuthToken(username, "", realm, &key, 260000);
: ka_GetServerToken("afs", "", NULL, 260000, &token);
: ktc_SetToken(&service, &token, &client, 0);
:
: The problem is that the new token does not seem to extend the
: time that the old token is valid. I am getting a new token,
: since if I run the program with token for user 123, I get a token
: for user 456. But the new token expires at the same time as the
: previous token expired; it does not extend the time of validity.
:
: -- Owen
: [EMAIL PROTECTED]
:
