Handle kerberos ticket expiration in Gss nsupdate module
|Target version:||Foreman - Team Ivan Iteration 7|
|Found in release:||Pull request:|
|Velocity based estimate||-|
When using Windows 2008 AD, kerberos ticket is retained by the module after its expiration. This leads to failures when attempting to create/delete dns records.
Kerberos error: tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Ticket expired.
#2 Updated by Dmitri Dolguikh 7 months ago
- Tracker changed from Bug to Feature
- Status changed from New to Rejected
Smart proxy renews kerberos tickets on every request via Kerberos::Krb5#get_init_creds_keytab. The original report was a request for enhancement, the reporter never provided smart-proxy logs substantiating the issue. Will reopen the ticket should more details become available.