Okay, maxrenewlife changes are in effect and solved the
creds problem, but the fresh token still only has a
lifetime of 24hrs.
[ Thanks for all the replies, BTW ]
Jeffrey Altman wrote:
Jeff Blaine wrote:
This is MIT Kerberos as shipped with RHELv4.
ticket_lifetime = 2d in [libdefaults] of krb5.conf buys
me nothing. ticket_lifetime is not a documented option
for [libdefaults] according to the official MIT docs.
ticket_lifetime=2d as an option to pam_krb5RA.so buys
me nothing.
Not in the version of Kerberos shipped by Red Hat.
Valid starting Expires Service principal
07/12/07 17:25:36 07/13/07 17:25:36 krbtgt/[EMAIL PROTECTED]
renew until 07/12/07 17:25:36
07/12/07 17:25:36 07/13/07 17:25:36 [EMAIL PROTECTED]
renew until 07/12/07 17:25:36
That's because ...
Maximum renewable life: 0 days 00:00:00
You are not permitting a renewable ticket lifetime longer than your
ticket expiration time.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
