On Thu, Aug 09, 2012 at 08:42:14AM -0500, Matt Garman wrote: > We have a situation where users stay logged on for literally days or > even weeks at a time for very long-running simulation jobs. So the > default max ticket life of one day isn't really appropriate for us. > > It seems that there are two solutions to this dilemma: (1) a much > longer max ticket life or (2) some kind of auto-renewal scheme. > > Perhaps I didn't look hard enough, but I haven't been able to find a > discussion on why one might choose one option over the other. I was > hoping some of the list members might weigh in with their thoughts.
As an aside, Solaris provides a krb warning daemon, ktkt_warnd, that both warns users when their TGT cred is about to expire and cannot be renewed and auto-renews it depending on the configuration. -- Will Fiveash Oracle Solaris Software Engineer http://opensolaris.org/os/project/kerberos/ Sent using mutt, a sweet, text based e-mail app <http://www.mutt.org/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
