[37236] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Can't acquire stored impersonated creds from cache

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Sep 21 11:17:25 2015

To: Martin Gee <geemang_2000@yahoo.com>, "kerberos@mit.edu" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <56001F75.8060708@mit.edu>
Date: Mon, 21 Sep 2015 11:17:09 -0400
MIME-Version: 1.0
In-Reply-To: <1204136508.824972.1442840606723.JavaMail.yahoo@mail.yahoo.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

On 09/21/2015 09:03 AM, Martin Gee wrote:
> OK, I was testing added it via kinit -k -l (shorter life) to see if it
> would refresh (and it wasn't). 

I should note we have an open ticket about this:

    http://krbdev.mit.edu/rt/Ticket/Display.html?id=7976

> QQ) what happens after the "renew until date" expires? I'm assuming I'd
> need to destroy?

The client keytab facility does not use renewals to get new tickets; it
uses the client keytab to get new ones with an AS request.  So the
renew-till date is irrelevant.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[37236] in Kerberos

Re: Can't acquire stored impersonated creds from cache

daemon@ATHENA.MIT.EDU (Greg Hudson)Mon Sep 21 11:17:25 2015

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Sep 21 11:17:25 2015