Hi,
I'm currently running a test cell and would like to increase the default
afs ticket length from 12 to 24 hours. We're using MIT Kerberos 5 with
openafs-1.2.3 on Debian servers and Redhat-7.2 clients. I've got the KDC
configured to generate 24 hour TGTs and all principals in the Kerberos
database are set with a maxlife of above 24 hours. The pam_krb5afs.so is
set with a ticket_lifetime=86000 (seconds) for 24 hours in the auth
stanza... so, when a user logs in (s)he gets a 24 hour TGT, a 22 hour V4
conversion of the TGT why only 22 hours?), and an afs ticket of 12 hours:
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
03/15/02 10:52:30 03/16/02 10:45:48 [EMAIL PROTECTED]
renew until 03/16/02 10:45:48
Kerberos 4 ticket cache: /tmp/tkt1126_WCqcDv
Principal: [EMAIL PROTECTED]
Issued Expires Principal
03/15/02 10:52:30 03/16/02 08:07:30 [EMAIL PROTECTED]
03/15/02 10:52:29 03/15/02 22:37:29 [EMAIL PROTECTED]
the afs principal is set to a maxlife of 24 hours as well. So, does
anyone know how I can force a new afs ticket length on login?
Thanks!
--Maynard
_______________________________________________
OpenAFS-info mailing list
[EMAIL PROTECTED]
https://lists.openafs.org/mailman/listinfo/openafs-info
