Hi, I have setup Kerberos in my CentOS cluster, added principals and modified their ticket_lifetime and renew_lifetime for 1 year. From "kadmin.local", I entered the command "getprinc <princ>" to get the setting details for the pincipal and verified the modifications.
Doing "kinit" and the "klist" for the principal, I can see the ticket lifetime and renewal lifetime - both are set to 365 days. Hence, TGT for the principal should be valid till 1 year, and I need not kinit before that. But all of a sudden, after few days, the TGT got destroyed automatically for the principal. I confirmed it with the "klist" command. I had to do kinit again for the principal. The principal got valid TGT near about same time across the cluster. Only in 1 machine, it got destroyed. Again after few days, TGT got destroyed in 2 other machines for a principal (This time for a different principal), but in other machines they are alive. This is a strange behaviour as I am manually not using the "kdestroy" command. Has anyone faced a similar issue? How can I track what's going wrong with the TGT? Which logs will tell me that when and how the TGT is getting destroyed? Thanks, Gaurav ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
