|
| Administering the Kerberos Server |
|
| General Tab (Principal Information Window) |
Table | General Tab Components (Continued) | |
|
|
|
| Field Name | Description |
|
|
|
| Principal Expiration | Displays the principal expiration |
|
| time, which indicates when the |
|
| current logon privileges of the |
|
| principal expire. |
|
| Enter one of the following options in |
|
| the Principal Expiration box: |
|
| • A date and time in the format |
|
| HH:MM MM/DD/YYY. |
|
| • The keyword Never, which |
|
| indicates that the principal does |
|
| note expire. |
|
|
|
| Maximum Ticket Lifetime | Sets the maximum ticket lifetime for a |
|
| principal. The time must not exceed |
|
| the corresponding ticket lifetime set |
|
| for the realm, as controlled by the |
|
| krbtgt/REALM@REALM principal. |
|
|
|
| Maximum Renew Time | Sets the maximum renewal time for |
|
| each individual principal. You must |
|
| specify a time that does not exceed the |
|
| corresponding renewal time set for the |
|
| realm. |
|
| To restrict the issuance of renewable |
|
| tickets, uncheck the Allow |
|
| Renewable option on the Principal |
|
| Information window>Attributes tab. |
|
| You must not enter a renewal time of |
|
| 0 (zero) seconds. If you enter 0 seconds |
|
| for the Maximum Renew Time field in |
|
| the General tab and click OK or |
|
| Apply, the following warning |
|
| message is displayed: |
|
| Invalid Field Entry |
|
|
|
Chapter 8 | 141 |