Klaas Hagemann wrote: > > Jens Kleineheismann schrieb: > > Hi there, > Hi Jens, > > there are tree points where the ticket lifetime is defined: > 1. kdc.conf, you checked this > 2. the principals, you checked this as well > 3. the /etc/krb5.conf on the client side. > There you can define a default ticket lifetime. > > In the section [libdefaults] you can set > ticket_lifetime = <<ticket lifetime in seconds>>
But it is hard coded in the MIT 1.2.6 get_in_tkt.c: 859 if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE)) 860 request.till += options->tkt_life; 861 else 862 request.till += 10*60*60; /* this used to be hardcoded in kinit.c */ so it looks like the [libdefaults] is not used. > > Anyway the lowest value always wins. > > Klaas > > ________________________________________________ > > Kerberos mailing list [EMAIL PROTECTED] > > https://mailman.mit.edu/mailman/listinfo/kerberos > > > > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
