Unable to create renewable ticket when we switched to a 1.12 KDC
Russ Allbery
eagle at eyrie.org
Fri Aug 21 15:24:23 EDT 2015
Ishaan Joshi <ishaan at cloudera.com> writes:
> Our earlier behaviour was to issue the following kinit to periodically
> renew our daemon's ticket: "kinit -r <time_string> -k -t <keytab>
> <service_name>". The time_string was hard coded to a day. The renewal time
> was controlled by another option that was passed in.
This isn't directly related to the problem that you're having, but you may
want to take a look at:
http://www.eyrie.org/~eagle/software/kstart/
which was designed to do exactly this. It may save you some duplicate
effort.
--
Russ Allbery (eagle at eyrie.org) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list