524 problems with 1.3.4, and historical issues
Sam Hartman
hartmans at MIT.EDU
Wed Jul 14 13:22:16 EDT 2004
>>>>> "Daniel" == Daniel Henninger <daniel at unity.ncsu.edu> writes:
Daniel> So I attempted to define "SHORT_LIFETIME" in
Daniel> lib/src/krb5/krb/v4lifetime.c, after looking at the code.
Daniel> I thought I'd give it a whirl. That kills the out of
Daniel> bounds error message, but doesn't give me a full length
Daniel> ticket: 07/14/04 10:11:39 07/14/04 21:46:39
Daniel> zephyr.zephyr at EOS.NCSU.EDU
Daniel> So my question here is, what are we doing different from
Daniel> you all up in MIT? Why are we running into these issues
Daniel> and you are not?
Well, I suspect it's probably because our default lifetime is 10 hours
for all tickets.
So, for the combination that gives you a time out of bounds error,
when do you get the error? In particular, do you get it with kvno -4 or only with zwrite?
Are you getting tgts with krb524init or with kinit -4?
n
What versions of client, kdc and krb524d are you using?
Daniel> Am I overlooking some sort of
Daniel> configuration problem? Do you all not use krb4 at all
Daniel> anymore?
I only wish we no longer used krb4.
More information about the Kerberos
mailing list