Administering the Kerberos Server

 

 

General Tab (Principal Information Window)

Table 8-8

General Tab Components (Continued)

 

 

 

 

Field Name

Description

 

 

 

 

Principal Expiration

Displays the principal expiration

 

 

time, which indicates when the

 

 

current logon privileges of the

 

 

principal expire.

 

 

Enter one of the following options in

 

 

the Principal Expiration box:

 

 

• A date and time in the format

 

 

HH:MM MM/DD/YYY.

 

 

• The keyword Never, which

 

 

indicates that the principal does

 

 

note expire.

 

 

 

 

Maximum Ticket Lifetime

Sets the maximum ticket lifetime for a

 

 

principal. The time must not exceed

 

 

the corresponding ticket lifetime set

 

 

for the realm, as controlled by the

 

 

krbtgt/REALM@REALM principal.

 

 

 

 

Maximum Renew Time

Sets the maximum renewal time for

 

 

each individual principal. You must

 

 

specify a time that does not exceed the

 

 

corresponding renewal time set for the

 

 

realm.

 

 

To restrict the issuance of renewable

 

 

tickets, uncheck the Allow

 

 

Renewable option on the Principal

 

 

Information window>Attributes tab.

 

 

You must not enter a renewal time of

 

 

0 (zero) seconds. If you enter 0 seconds

 

 

for the Maximum Renew Time field in

 

 

the General tab and click OK or

 

 

Apply, the following warning

 

 

message is displayed:

 

 

Invalid Field Entry

 

 

 

Chapter 8

141

Page 141
Image 141
HP UX Kerberos Data Security Software manual General Tab Components, Field Name Description Principal Expiration