Home Forums OS X Server and Client Discussion Misc. Kerberos problems

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • February 9, 2006 at 3:36 pm #365246
    sketch
    Participant

    While my query is pretty specific, what comes out of this could probably be expanded to other issues.

    Kerberos tickets don’t renew automatically in the background. The only time they ever seem to renew properly is when /System/Library/CoreServices/Kerberos.app is open. This is not ideal, because even with the window closed, there’s still the icon in the dock.

    What is the best way to get tickets to auto-renew in the background?
    What is KerberosAgent.app?
    Can Kerberos.app be run as a service?
    Can I run it quietly using launchd? or should I just run kinit -R every 9 hours using launchd?

    February 9, 2006 at 9:47 pm #365249
    Acidprime
    Participant

    I suppose you could change the time with kadmin as well,but the longer the ticket life time the more a possibility that security could compromised.
    kinit from the command line and the Kerberos app can both renew in fact,the Kerberos App is Apple scriptable so you could export a little app and throw it the dock so your users dont even have to click anything other then its icon.

    tell application “Kerberos”
    renew tickets
    end tell

    February 10, 2006 at 3:18 pm #365256
    sketch
    Participant

    Yes, I understand how kerberos is designed, I also understand that if a user stays logged into their workstation for longer than 10 hours, then tries to use a network resource, things don’t work as smoothly as they should.

    Thus this thread.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.