This shows you the differences between two versions of the page.
— |
samba_kdc_settings [2020/04/10 17:38] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | **Samba KDC Settings** | ||
+ | |||
+ | ====== Samba4 DC Kerberos token settings ====== | ||
+ | ---- | ||
+ | |||
+ | Samba defaults kerberos tickets expiry values to the following, in some environments it might not be practical that the user TGT expire after 10 hours. | ||
+ | |||
+ | Samba 4's KDC ticket life can be controlled using the parameters in smb.conf the values take integer values and the values should be the hours the tickets should be valid. | ||
+ | |||
+ | <code> | ||
+ | kdc:service ticket lifetime = 1 | ||
+ | |||
+ | kdc:user ticket lifetime = 24 | ||
+ | |||
+ | kdc:renewal lifetime = 120 | ||
+ | </code> | ||
+ | |||
+ | In the above example the service tickets are valid for 1 hour before the Samba has to reissue them user TGT tickets are valid for 24 hours before needing them to be renewed. Tickets can be renewed for a maximum of 5 days from the date of original issue. | ||