Store Commands
311
WLAN
ADAPTER,
WLAN
Enables or disables Kerberos:
store kerberos opts [-]auth
Sets the maximum allowable amount of clock skew in seconds
or minutes that Kerberos authentication will tolerate before
assuming that a Kerberos message is invalid:
store kerberos config clockskew <clock_skew><s|m>
The time units cannot be mixed and there must at least be one
space between the <renew_life_time> value and the time unit
(s or m). The default is 300 seconds, (i.e. five minutes). The
minimum allowable value is 60 seconds (i.e. 1 minute). The
maximum allowable value is 900 seconds (i.e. 15 minutes).
NOTE: The Microsoft step-by-step Guide to Kerberos 5 (krb5 1.0)
Interoperability recommends that your system clock be
sychronized within two minutes to the KDC system’s clock.
Otherwise, clock skew errors will cause Kerberos
authentication to fail. If this is the case, the clock skew
default may need to scale down to two minutes.
WLAN
ADAPTER,
WLAN
Sets the maximum allowable ticket lifetime in seconds, minutes,
hours, or days:
store kerberos config tktlife <life_time> <s|m|h|d>
<life_time> is between 300 seconds and 259200 seconds (3
days). The time units cannot be mixed and there must be at
least one space between the <life_time> value and the time
units (s, m, h, or d). Default value is 43200 seconds.
WLAN
ADAPTER,
WLAN
Sets the maximum allowable renewable lifetime in seconds,
minutes, hours, or days:
store kerberos config renewlife <renew_life_time>
<s|m|h|d>
<renew_life_time> is 0 (i.e. no limit) or between 300 seconds
and 604800 seconds (7 days). The time units cannot be mixed
and there must be at least one space between the
<renew_life_time> value and the time unit (s, m, h, or d).
Default value is 0.