kerberos ticket lifetime in Heimdal
Russ Allbery
rra at stanford.edu
Tue Jan 1 23:29:44 EST 2008
Victor Sudakov <vas at mpeks.no-spam-here.tomsk.su> writes:
> Running "kinit -l3d" or setting ticket_lifetime in krb5.conf results
> in TGT's lifetime being 3 days, however all service tickets' lifetime
> is still 1 day, like this:
>
> Issued Expires Principal
> Jan 2 09:27:44 Jan 5 09:27:44 krbtgt/SIBPTUS.TOMSK.RU at SIBPTUS.TOMSK.RU
> Jan 2 09:27:47 Jan 3 09:27:47 host/big.sibptus.tomsk.ru at SIBPTUS.TOMSK.RU
>
> How can I configure Kerberos so that all service tickets also get a
> lifetime of 3 days?
You probably need to change the maximum ticket lifetime for all of those
principals in the KDC.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list