Kinit - Renewal Process
Sam Hartman
hartmans at MIT.EDU
Thu Jan 26 18:43:50 EST 2006
>>>>> "ryan" == ryan d jarvis <ryan.d.jarvis at exxonmobil.com> writes:
ryan> I have tried the kinit -R feature, but have been getting the
ryan> following error message: kinit(v5): Internal credentials
ryan> cache error when initializing cache
ryan> MSLSA:rdjarvi at UPSTREAMACCTS.XOM.COM
I would expect your Windows machine to renew the credentials
automatically as they approach expiration.
It may be that if you are using smart cards there is a bug because the
LSA would be able to renew credentials but not obtain new ones.
You can use the ms2mit utility to copy credentials from an MSLSA cache
into an API cache and you can renew them there. Unfortunatly you can
only use the API cache with your MIT KFW applications.
There will be a better solution for Windows Vista and a future version
of KFW. Under that version of KFW, the MSLSA cache is fully writable.
Sam Hartman
Manager, MIT Kerberos Team
More information about the krbdev
mailing list