Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-6044: How to configure users for automatic Kerberos Credentials for infinite renewal even after users have logged out?

Centrify DirectAudit ,   Centrify DirectControl ,   Centrify DirectControl Plugins ,  

9 September,16 at 10:18 AM

Applied to:
Centrify DirectControl 5.2.3+ on all OS platform
 
Question:
How to configure users for automatic Kerberos Credentials for infinite renewal even after users have logged out?
 
Answer:
Starting DirectControl 5.2.3 [Centrify Server 2015.1 release] DirectControl added a configurable option in centrifydc.conf file to support infinite renewal of the user’s Kerberos’s Ticket Granted Ticket for a user who has logged out while his Hadoop job is still running.
 
Example usage:
1. Edit centrifydc.conf
2. krb5.cache.infinite.renewal.batch.users: test_user, test_user@example.com,test_user_sam, test_user_sam@example.com
 
Option Explanation:
Use this configuration parameter in centrifydc.conf to specify a list of users whose Kerberos credentials require infinite renewal even after the users have logged out. These users must be zone enabled (that is, mapped users are not supported). You can use any of the following formats to specify user names:

unixName
userPrincipleName
SamAccountName
SamAccountName@domain

 
By default, this parameter does not list any users.

For more information, please see attach Centrify Hadoop Guide.

For groups please view: 
KB-6050: How to configure a group for automatic Kerberos Credentials for infinite renewal?
Attachments:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.