Kerberos Autorenew and Autorefresh

About a year ago I contributed some code to the nss_ldap core which
appeared in the mainstream for release 258. This code supports auto
renew and auto refresh of Kerberos tickets using either a previously
created cache or a keytab. I have been running kstart to get the initial
ticket but tried to turn this feature off and let the initial ticket be
created by the code in nss_ldap. This has not worked for me :-[  and I
was wondering if anybody else has tried and succeeded with this.

So can I get a poll of anybody who is using these features and what sort
of success they have had with them.

I am going to debug my problem over the next few days but if anybody has
a working config and would be willing to share I would be grateful

Howard.

Hallo Howard,

* Howard Wilkinson <howard@...> [080702 11:37]:
> About a year ago I contributed some code to the nss_ldap core which
> appeared in the mainstream for release 258. This code supports auto renew
> and auto refresh of Kerberos tickets using either a previously created
> cache or a keytab. I have been running kstart to get the initial ticket but
> tried to turn this feature off and let the initial ticket be created by the
> code in nss_ldap. This has not worked for me :-[  and I was wondering if
> anybody else has tried and succeeded with this.

> So can I get a poll of anybody who is using these features and what sort of
> success they have had with them.

> I am going to debug my problem over the next few days but if anybody has a
> working config and would be willing to share I would be grateful

never used it, thought about it, but I saw this morning the following
bugreport including patch, hopefully it helps you get going. Please let
me know if you succeed because I'm heavily thinking about such a setup.

http://bugzilla.padl.com/show_bug.cgi?id=368

        Thomas

Thomas Glanzmann wrote:

Hallo Howard,

* Howard Wilkinson howard@... [080702 11:37]:
  

About a year ago I contributed some code to the nss_ldap core which 
appeared in the mainstream for release 258. This code supports auto renew 
and auto refresh of Kerberos tickets using either a previously created 
cache or a keytab. I have been running kstart to get the initial ticket but 
tried to turn this feature off and let the initial ticket be created by the 
code in nss_ldap. This has not worked for me :-[  and I was wondering if 
anybody else has tried and succeeded with this.
    

So can I get a poll of anybody who is using these features and what sort of 
success they have had with them.
    

I am going to debug my problem over the next few days but if anybody has a 
working config and would be willing to share I would be grateful
    

never used it, thought about it, but I saw this morning the following
bugreport including patch, hopefully it helps you get going. Please let
me know if you succeed because I'm heavily thinking about such a setup.

http://bugzilla.padl.com/show_bug.cgi?id=368

        Thomas
  

I have just posted a patch set again 259 which should make all of this work! I posted it against bug 298 in the bugzilla database. If people could try this out and let me know how they get on I would be grateful.

Has anybody tried the kerberos patches I submitted to bugzilla? I have
it running but am seeing occasional seg faults in what I think is the
LDAP/Kerberos library code. Have not had much luck debugging this and
was hoping somebody else could look?