shot in the dark: set the max_renewable_lifetime > ticket_lifetime.
Else the ticket becomes invalid and can't be renewed after 5 minutes... KR, Oliver Am 18.07.2012 um 18:06 schrieb Tiago Elvas: > Hi there, > > I am experience problems at the time of ticket renewal. > For this test I am using 5minute tickets (for quick testing) and so: > > # /var/kerberos/krb5kdc/kdc.conf > max_life = 5m 0s > max_renewable_life = 5m 0s > # /etc/krb5.conf > ticket_lifetime = 5m > renew_lifetime = 5m > > The principal in use is named "opends". > > I log in and this is my ticket: > > [opends ~]$ klist -f >> Ticket cache: FILE:/tmp/krb5cc_505 >> Default principal: [email protected] >> Valid starting Expires Service principal >> 07/18/12 18:01:33 07/18/12 18:06:33 krbtgt/[email protected] >> renew until 07/18/12 18:06:33, Flags: FPRIA >> >> Kerberos 4 ticket cache: /tmp/tkt505 >> klist: You have no tickets cached > > > I then do "kinit -R", > > [opends ~]$ kinit -R >> [opends ~]$ echo $? >> 0 >> [opends ~]$ >> [opends@ ~]$ klist -f >> Ticket cache: FILE:/tmp/krb5cc_505 >> Default principal: [email protected] > > Valid starting Expires Service principal >> 07/18/12 18:02:25 07/18/12 18:06:33 krbtgt/[email protected] > > renew until 07/18/12 18:06:33, Flags: FPRIAT >> >> Kerberos 4 ticket cache: /tmp/tkt505 >> klist: You have no tickets cached > > > > Does anybody know why this is happening? > The system is intended to be used along several and "random" days and I > should not get a ticket expired error so it should be automatic (like in a > cronjob doing this kinit -R) > > Thanks in advance. > > Best regards, > Tiago > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
