On Thu, 2011-05-26 at 04:58 -0400, Bjørge Solli wrote: > I have a situation when testing our brand new NetApp (NAS) as NFS4+krb5 > home dirs. Tickets from our KDC dissapears, but seems to have no affect > on usage, and then appears again by itself after some time. We don't do > anything active to get the ticket back, but I gather something is > triggering it. The strange thing is that I was expecting the lack of > ticket to shut the user out from his home dir.
Everything other than the krbtgt ticket is just a performance optimization; service tickets are obtained from the KDC when necessary. The lack of a service ticket in the ccache does not generally result in denial of service. I suspect the service ticket is "disappearing" when tickets are obtained or renewed, and reappearing when rpc.gssd needs to establish a new security context with the NFS server. I can't say for sure, though. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
