Project

General

Profile

Actions
Copy link

Feature #17319

closed

Handle kerberos ticket expiration in Gss nsupdate module

Added by Anonymous over 7 years ago. Updated almost 6 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
DNS
Target version:
1.15.3
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

When using Windows 2008 AD, kerberos ticket is retained by the module after its expiration. This leads to failures when attempting to create/delete dns records.

Kerberos error: tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Ticket expired.

Actions
Copy link
 #1

Updated by Anonymous over 7 years ago

  • Target version set to 1.15.3
Actions
Copy link
 #2

Updated by Anonymous over 7 years ago

  • Tracker changed from Bug to Feature
  • Status changed from New to Rejected

Smart proxy renews kerberos tickets on every request via Kerberos::Krb5#get_init_creds_keytab. The original report was a request for enhancement, the reporter never provided smart-proxy logs substantiating the issue. Will reopen the ticket should more details become available.

Actions
Copy link

Also available in: Atom PDF