On Thu, Sep 17, 2020 at 10:14:37AM +0200, Ronald Wimmer via FreeIPA-users wrote:
On 14.09.20 09:07, Ronald Wimmer via FreeIPA-users wrote:
I have a script that runs periodically as a CRON job. The user is an
IPA user. Everything works perfectly for a while and at some point
in time I am getting log entries like:
Sep 14 08:56:02 myServer CROND[24516]: (CRON) ERROR chdir failed
(/home/mydomain.at/myADUser): Permission denied
After logging in manually with that particular user everything works
again...
What could be the issue here?
It looks like Kerberos ticket expiration. What would be the best way
to automatically renew it? Do a kinit -R over crond?
Hi,
SSSD can renew Kerberos tickets it has requested, see
krb5_renew_interval in man sssd-krb5 for details.
Please note that the KDC assigns a maximal renewal time to the original
TGT, if this time is passed the ticket cannot be renewed anymore but a
fresh one has to be requested.
HTH
bye,
Sumit
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
