Lars Schimmer wrote: > One of our users try to run a job longer than usual tokens runtime. > Keeping a ssh open for that long time is not wanted. > We use a Win 2003 AD server as a krb5 KDC and krenew just hits > "krenew: error renewing credentials: KDC can't fulfill requested option".
Do you use winbind? Do you have a valid /etc/krb5.conf with kdc entries and renew_lifetime specified? > And if I login as user, hit a screen command, the screen process has > ticket/tokens like login user. I can detach and reattach screen like > usual. But if I detach screen and logoff, ticket/tokens for the running > screen are lost. krenew uses it's own (unique) ticket cache so it should be safe from logoffs. Cheers, Robbert -- Robbert Eggermont Information & Communication Theory [email protected] Electr.Eng., Mathematics & Comp.Science +31 (15) 2783234 Delft University of Technology _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
