[Samba] Kerberos ticket maximum renewable lifetime
Stefan Just
just at tuhh.de
Fri Jul 3 10:33:21 UTC 2020
We are using tmux, screen and x2go to run long-running jobs on our
compute servers. $HOME and other data should be mounted via CIFS or
NFS4. Because such a job can run for more than a week, I would like to
increase the Kerberos ticket lifetime or better the Kerberos ticket
maximum renewable lifetime.
I found this guide:
https://wiki.samba.org/index.php/Samba_KDC_Settings
Unfortunately, only settings that are smaller than the following have an
effect:
kdc:user ticket lifetime = 24
kdc:renewal lifetime = 24
There appears to be an upper limit of 24 hours that none of these
settings can exceed.
Thanks in advance
Am 02.07.20 um 18:55 schrieb Rowland penny via samba:
> On 02/07/2020 17:28, Stefan Just via samba wrote:
>> I would like to set the renewable lifetime to 90 days.
>> What is the best way to set the Kerberos ticket maximum renewable
>> lifetime.
>>
>> ~# smbd --version
>> Version 4.12.2-Ubuntu
>>
>> ~# klist
>> Ticket cache: FILE:/tmp/krb5cc_0
>> Default principal: administrator at MYDOM
>>
>> Valid starting Expires Service principal
>> 07/02/20 18:08:16 07/03/20 04:08:16 krbtgt/MYDOM at MYDOM
>> renew until 07/03/20 18:08:11
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>>
> Why on Earth do you want to do that ?
>
> Not sure you can anyway.
>
> Rowland
>
>
>
--
Stefan Just, DV-Systemingenieur | E-Mail: just at tuhh.de
Technische Universität Hamburg, ES (E-13) | Voice: +49 40 42878-3356
Am Schwarzenberg-Campus 3E, D-21073 Hamburg | Fax: +49 40 42731-3612
More information about the samba
mailing list