Administering the Kerberos Server
Attributes Tab (Principal Information Window)
Table | Attributes Tab Components (Continued) | |
|
|
|
| Components | Description |
|
|
|
| LDAP DN | Displays the LDAP DN that you are editing. |
|
|
|
| Allow Postdated | Specifies whether a principal is allowed for |
|
| ticket postdating. Postdating is a |
|
| mechanism that allows a principal to obtain |
|
| a ticket that is initially invalid, but that can |
|
| become valid at some time in the future. |
|
| The Allow Postdated attribute applies to |
|
| both user and service principals. If you set |
|
| the attribute for a user principal, the user |
|
| can be issued a postdated or postdatable |
|
| ticket. If you set the attribute for a service |
|
| principal, the server can issue postdated |
|
| service tickets for the service. |
|
|
|
| Allow Renewable | Specifies if a principal is allowed to renew |
| Tickets | tickets. Renewable tickets are those that a |
|
| principal can revalidate up to the maximum |
|
| renewable time. |
|
| The Allow Renewable attribute applies to |
|
| both user and service principals. If you set |
|
| the attributes for a user principal, the |
|
| principal can be issued a renewable ticket. |
|
| If you set this attribute for a service |
|
| principal, the server issues a renewable |
|
| ticket for the service. |
|
| You can set the maximum renewable time in |
|
| the Principal Information>General tab. |
|
|
|
170 | Chapter 8 |