Skip to content

Instantly share code, notes, and snippets.

Last active October 26, 2019 21:09
What would you like to do?
How to create renewable kerberos ticket
1.On KDC server login as kadmin.
kadmin -p admin/admin@<realm>
2. Now create Kerberos User. If the user principal is already created, go to step 3.
add_principal -kvno 1 sample@HC1.QA
3.Modify the user principal.
modprinc -maxlife 1days -maxrenewlife 7days +allow_renewable sample
Confirm the same by running following command
get_principal ingestor
Note the value of Maximum renewable life
Expiration date:
Last password change:
Password expiration date:
Maximum ticket life:
Maximum renewable life:
Last modified:
Last successful authentication:
Last failed authentication:
4.Identify the service principal, and renew the same by following step 3.
TODO - How to get service principal.
5.Now, you can create a keytab and use it wherever you require.
Relevant Links -
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment