[36805] in Kerberos
Re: Issues after switching from file- to LDAP-Backend
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Feb 19 10:55:46 2015
Message-ID: <54E60773.6040805@mit.edu>
Date: Thu, 19 Feb 2015 10:55:31 -0500
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: Marc Richter <mail@marc-richter.info>, kerberos@mit.edu
In-Reply-To: <54E5FE5F.4030408@marc-richter.info>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 02/19/2015 10:16 AM, Marc Richter wrote:
> kinit: Invalid format of Kerberos lifetime or clock skew string while
> getting initial credentials
I believe that error results from these lines in krb5.conf:
ticket_lifetime = 10 hours
renew_lifetime = 7 days
These should be "10h" and "7d", as documented in:
http://web.mit.edu/kerberos/krb5-latest/doc/basic/date_format.html#time-duration
This error originates in the client, and should happen consistently
regardless of whether you are using the DB2 or LDAP KDB modules on the KDC.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
