[Samba] Kerberos settings

[Vaughan, Robert J]

Hello listers

In our environment there have been some changes in AD to what I think might be default Kerberos settings for tickets

ticket_lifetime has been shortened from 24 hrs (default?) to 10 hrs

renew_lifetime has been set at 7d from a default of no limit?

If this makes sense, just wondering if Samba needs to be aware of this (smb.conf: include system krb5 conf = yes)?, which is the default but I had been using "no" for this .. and then adjust those lines in /etc/krb5.conf?

We see a situation where users appear to lose their drive mapping after some period of time where it was working fine, and it made me wonder if it could be related to Kerberos ticket expiration

When they re-map the drive after the disconnect smbstatus shows two sessions for the same user from the same machine to a single share

Thanks,

Robert Vaughan



----------------------------------------------------------------------
This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information.  No one else may read, print, store, copy, forward or act in reliance on it or its attachments.  If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.