Max renewable lifetime issues
Tiago Elvas
tiagoelvas at gmail.com
Wed Mar 13 16:48:46 EDT 2013
Thanks a lot Benjamin! I'll try that tomorrow, hope it'l work :)
On Wed, Mar 13, 2013 at 7:44 PM, Benjamin Kaduk <kaduk at mit.edu> wrote:
> On Wed, 13 Mar 2013, Tiago Elvas wrote:
>
> Hi all,
>>
>> I am having a problem in my system which I do not understand why it's
>> happening.
>> Firstly, I have a KDC running on a RedHat 5.7 machine. I have the
>> parameter
>> maximum_renewable_life as 5000days in kdc.conf and krb5.conf. For each
>> user
>> I have added, I also configured as 5000days max_renewable_life.
>> However, I am experiencing two different situations:
>>
>> 1. In Linux clients, I only have 1000days as max_renewable_life.
>> 2. In windows clients (kerberos for windows), I am getting only 30
>> days..!?
>>
>
> In the KfW 4.0 series, the Ticket Manager's "Get Ticket" dialog box has a
> slider for both ticket lifetime and ticket renewable lifetime; the default
> maximum renewable lifetime for this slider is 30 days. This is purely an
> artifact of the GUI application; the kinit.exe utility does not have such a
> limitation.
>
> The bounds of the sliders can be changed by setting registry keys
> {HKCU,HKLM}\Software\MIT\**Leash\{renew,life}_{min,max} of type DWORD.
> The value is measured in minutes.
>
> -Ben Kaduk
>
More information about the Kerberos
mailing list