Can't acquire stored impersonated creds from cache
Greg Hudson
ghudson at mit.edu
Mon Sep 21 11:17:09 EDT 2015
On 09/21/2015 09:03 AM, Martin Gee wrote:
> OK, I was testing added it via kinit -k -l (shorter life) to see if it
> would refresh (and it wasn't).
I should note we have an open ticket about this:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7976
> QQ) what happens after the "renew until date" expires? I'm assuming I'd
> need to destroy?
The client keytab facility does not use renewals to get new tickets; it
uses the client keytab to get new ones with an AS request. So the
renew-till date is irrelevant.
More information about the Kerberos
mailing list