Alessandro Briosi
2014-Dec-31 08:59 UTC
[Samba] Fwd: Re: Samba4 and sssd, keytab file expires?
>> Even if I restart the service things don't change. The only solution I >> have found so far is regenerating the keytab file. >> It seems that the kerberos principal expires. Is this normal? >> Funny thing is that on the 1st dc I am using sssd too and ssh logins >> work as expected (no need to change the keytab file). >> >> Anyone seen this before?> Which pricipal expires? > > That tickets expire is built into Kerberos. I'm using nslcd and require > k5start to refresh the principal. Could it be that you're runnining > something like that on your 1st DC?> Regards, > - lars.That's what I was asking, is it really expiring? Should the principal be refreshed, or is there a way to make it not expire? I have followed the wiki [1], but there's no mention about principal expiration. Also the first dc (CentOS 6) is using sssd and it's principal seems to be working fine, no expiration. Thanks, Alessandro [1] https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd