Jakub - Thanks for the info! I didn't know about keytabs. Much
appreciated. - Mark
https://kb.iu.edu/d/aumh
On 9/4/2017 2:16 PM, Jakub Hrozek wrote:
On Mon, Sep 04, 2017 at 01:06:22PM -0400, Mark London wrote:
Sumit - Thanks for the info. Some of our users do work directly at the
worksta
On Mon, Sep 04, 2017 at 01:06:22PM -0400, Mark London wrote:
> Sumit - Thanks for the info. Some of our users do work directly at the
> workstation, so I'm glad to hear that they would get a fresh Kerberos
> ticket, when they would have to login via the screen saver, on a daily
> basis.. However
Sumit - Thanks for the info. Some of our users do work directly at the
workstation, so I'm glad to hear that they would get a fresh Kerberos
ticket, when they would have to login via the screen saver, on a daily
basis.. However, some of these same users, ssh to other workstations,
to run job
On Fri, Sep 01, 2017 at 04:53:03PM -0400, Mark London wrote:
> Lukos - Thanks for responding. You stated that the krb5 ticket is
> "renewed" after each authentication. What are all the methods
> "authentication"? I.e. when a user logs in using SSSD, that authenticates
> against Kerberos, (in
Lukos - Thanks for responding. You stated that the krb5 ticket is
"renewed" after each authentication. What are all the methods
"authentication"? I.e. when a user logs in using SSSD, that
authenticates against Kerberos, (in our case, that is a Windows server),
the person gets a Kerberos t
On (01/09/17 12:01), Mark London wrote:
>On 9/1/2017 10:30 AM, John Hodrien wrote:
>> On Fri, 1 Sep 2017, Michal Židek wrote:
>>
>> > See man sssd-krb5 and option:
>> > krb5_renew_interval
>> >
>> > Is this what you are looking for? Look for other options
>> > in that man page too, maybe you will
On 9/1/2017 10:30 AM, John Hodrien wrote:
On Fri, 1 Sep 2017, Michal Židek wrote:
See man sssd-krb5 and option:
krb5_renew_interval
Is this what you are looking for? Look for other options
in that man page too, maybe you will need some of them.
If this is against a typical AD installation, t
On Fri, 1 Sep 2017, Michal Židek wrote:
See man sssd-krb5 and option:
krb5_renew_interval
Is this what you are looking for? Look for other options
in that man page too, maybe you will need some of them.
If this is against a typical AD installation, that'll get you automatic
certificate renewa
On 09/01/2017 04:10 PM, Mark London wrote:
Hi - Is it possible to have a Kerberos ticket constantly being renewed as long
as a person is still logged in? We want to kerberize our nfs mount points,
which hosts the users' home directories. It would, of course, cause a major
problem, if the t