TGT Expiry Problem

Discussion in 'Server Security' started by andrew, Mar 12, 2009.

  1. andrew

    andrew Guest

    Our web application (on the app server) calls a procedure on a database
    server which bulk imports a file from a file share on the application server.
    Kerberos Delegation is set up and working. All servers are running Windows
    Server 2003 and the domain and forest funtional levels have been raised to
    2003.

    We are finding that whenever a TGT expires, the bulk import fails and the
    services that run the application have to be restarted to refresh the TGT (to
    test this we changed the TGT lifetime from the default 10 hours down to 10
    minutes and then up to 72 hours - the time to bulk import failure always
    follows this setting). My understanding was that the TGT should be
    automatically renewed but this is clearly not happening. Why do we have this
    behavious and what can we do to fix it?
     
    andrew, Mar 12, 2009
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.