NOTE
Administration
Rules for Setting Maximum Renew Time
Rules for Setting Maximum Renew Time
The value in the Maximum Renew Time box indicates the maximum amount of time for which, a ticket can be renewed.
The value format is [Nw] [Nd] [Nh] [Nm], where N is an integer number, and the lower case suffix identifies the unit of time: weeks, days, hours or minutes respectively. A number with no suffix, w,d,h or m, is interpreted as hours.
Spaces are not allowed between the number and the suffix.
Examples
1d9h is one day and nine hours
4h24m is four hours and
18 is eighteen hours
You can also express the time units by the full word. For example, 1day is the same as 1d. Key words are week, day, hour and minute.
The maximum lifetime for a ticket issued to any principal in any given realm is controlled by the settings for the reserved principal krbtgt/REALM@REALM.
Do not enter a renewal time of zero (0). To restrict the issuance of renewable tickets, clear the Allow Renewable option on the Attributes tab of the Principal Information window. If you enter zero in the Maximum Renew Time field on the General tab, you receive the warning ‘You have entered an invalid time’ when you click OK or Apply.
Chapter 6 | 135 |