[Samba] How are tickets used by Samba in an Active Directory environment?

[Jose Perez]

Hi there:

I'm just setting up a Samba as member of an Active Directory Domain. I
followed instructions according to a lof of sites that mentions that we must
configure NTP, Kerberos, Winbind, among others. Then mention that I should
run kinit + bla bla bla.

OK this works fine, but I'm not pretty sure about how Kerberos really works
with Samba and when tickets are needed:

1. After a ticket expires Samba still works fine, users can access shares
without problems. Why?
2. Do I need to renew a ticket to get some functionality work after or
before doing something?
3. Who's reponsible of renewing tickets?

I was searching at Google about Samba, Kerberos, Active Directory and
tickets purporse but I didn't find a good explanation. I'd just like to know
if I just configure some Kerberos params at the Active Directory Server, or
maybe configure a cron to renew tickets or maybe if I just should run kinit
once and then forget about Kerberos forever.

Could someone point me to a link where some good explanation about these
components if available? Because I'm about to release a server in production
and I want to be careful.

Thanks a lot