Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 04-07-2009, 08:03 AM   #1
LQ Newbie
Registered: May 2008
Posts: 13

Rep: Reputation: 0
Linux Daemons and Kerberos Tickets


I wanted to know whether there are any recommendations regarding following scenario:

- In order to Linux daemons to be running in kerberos/Active Directory users' context, a (krbtgt) ticket is needed and is fetched by kinit.
- But this ticket is usually valid for some time depending on user configuration and it needs to be renewed.

Is there a recommended way of renewing/getting new ticket for the user?

One of the ways suggested to me was run kinit externally as cronjob for every user you want every n hours. But that seems dangerous to me.

Putting kinit call to .bashrc sounds good to me but that will fetch ticket only for default duration. Is there a better way? Or how do admins do it usually?

Thanks in advance,

Last edited by acid_kewpie; 04-07-2009 at 08:26 AM. Reason: Not a networking question. Moved to Linux - Newbie.
Old 04-07-2009, 07:40 PM   #2
LQ Newbie
Registered: Aug 2007
Distribution: Slackware from 94-09, Debian Since March 09
Posts: 28

Rep: Reputation: 19
It's possible that the solution to your requirement will lie in the use (and proper combination of) pam_winbind and the line "winbind refresh tickets" in /etc/samba/smb.conf. I suggest you google those a bit, and see if it turns up a few good ideas for you.

Since this is related to a daemon process, and not a particular live user, you may need to schedule some sort of activity (through cron for example) to connect to an authenticated service as the daemon user account, thus forcing the refresh to occur.

With the limited amount of information you've provided concerning the distro involved, and the daemon process you are working with, I'm afraid this is the best suggestion I can provide.

Best of luck...


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Writing Linux Daemons and secutiry tomq42 Programming 6 02-10-2009 03:15 AM
LXer: Tickets Version 2.6 Now Available LXer Syndicated Linux News 0 03-25-2008 09:00 PM
managing daemons under Ubuntu linux retiem Debian 1 03-04-2005 12:59 PM
linux daemons kobilevi Programming 2 08-13-2001 07:14 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:37 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration