Hello David/Lukas
Thank you for your assistance so far. I still have the problem and not
even sure what to look at next. We are still seeing key expiry error
from NFS even after the proposed changes.
[william@silicon ~]$ ssh iron
Last login: Wed Mar 1 19:26:56 2017 from silicon.eng.example.com
On (16/02/17 18:05), William Muriithi wrote:
>> The fact that your desktops are using SSSD changes the situation
>> dramatically.
>>
>> SSSD (with ipa or krb5 provider) obtains ticket for user when he is
>> logging-in.
>> And can be configured to renew the ticket for the user until the ticket
On Thu, Feb 16, 2017 at 06:05:48PM -0500, William Muriithi wrote:
> David
>
>
> >
> > The fact that your desktops are using SSSD changes the situation
> > dramatically.
> >
> > SSSD (with ipa or krb5 provider) obtains ticket for user when he is
> > logging-in.
> > And can be configured to
David
>
> The fact that your desktops are using SSSD changes the situation dramatically.
>
> SSSD (with ipa or krb5 provider) obtains ticket for user when he is
> logging-in.
> And can be configured to renew the ticket for the user until the ticket renew
> life time expires.
>
> Given this you
On Thu, Feb 16, 2017 at 07:54:47AM -0500, William Muriithi wrote:
> Morning David,
>
> Thank you very much for your help.
>
> > first you're mentioning "key expiry" but if I understand correctly you're
> > interested in "ticket lifetime".
> Yes, want to increase ticket lifetime.
> >
> > As
Morning David,
Thank you very much for your help.
> first you're mentioning "key expiry" but if I understand correctly you're
> interested in "ticket lifetime".
Yes, want to increase ticket lifetime.
>
> As mentioned here [1] the ticket lifetime is the minimum of 4 values:
> 1) maxlife for the
On Wed, Feb 15, 2017 at 02:13:04PM -0500, William Muriithi wrote:
> Hello
>
> We are currently mostly using RHEL 6 on the clients but IPA is on RHEL
> 7.3. I am using Kerberos to authenticate NFS mount and its working
> fine. However, there is a lot of users who are complaining that its
>
Hello
We are currently mostly using RHEL 6 on the clients but IPA is on RHEL
7.3. I am using Kerberos to authenticate NFS mount and its working
fine. However, there is a lot of users who are complaining that its
causing too much problems. They are all related to key expiry
I have looked at
