Am 09.08.2012 15:42, schrieb Matt Garman: > We have a situation where users stay logged on for literally days or > even weeks at a time for very long-running simulation jobs. So the > default max ticket life of one day isn't really appropriate for us. > > It seems that there are two solutions to this dilemma: (1) a much > longer max ticket life or (2) some kind of auto-renewal scheme. > > Perhaps I didn't look hard enough, but I haven't been able to find a > discussion on why one might choose one option over the other. I was > hoping some of the list members might weigh in with their thoughts. > > Thanks! > Matt > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos >
if a ticket has been issued to the client, the KDC cannot revoke that ticket, even if the client is deleted or disabled. But if the client needs to do a renew request from time to time, the KDC might not issue new tickets if the client is deleted or disabled. -- Mark Pröhl [email protected] www.kerberos-buch.de ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
