[Thinlinc-technical] Kerberos ticket refresh/netapp remount issues
Kevin Kwan (Work)
kkwan at worldfinancialdesk.com
Tue Oct 29 20:30:42 CET 2013
Greets all:
I recently ran into an issue with ThinLinc within a kerberized environment
and is hoping for some guidance in resolving a show-stopper.
I am currently evaluating ThinLinc as a replacement for NoMachine's NX
server product. The end users connect via HP Thin Clients on dedicated
fiber to KV hosted Debian Jessie VMs at our data center about 7 km away.
The environment is authenticated via a single realm Kerberos environment,
and once the end user is given a service ticket, the ticket is then used to
grant access to a Netapp storage network appliance, which then mounts their
home directory on the VMs.
I am also emulating this setup using multiple VMWare VMs to weed out
interoperability issues. The end users are extremely satisfied with the
performance and reliability of the ThinLinc stack.
We notice that once we log in and receive the TGT (ticket granting ticket)
the service ticket for all consequent services used by that session does not
show up by spawning gnome-terminal and running klist. I also do not see
session reconnects refresh the initial TGT (extend the expiration time).
This seems to eventually cause netapp homedir mount errors which can only be
solved by a reboot.
Is there any thing we could do to prevent this from happening? Let me know
if you need VMs to repo this issue.
Kevin Kwan
Senior Systems Administrator
World Financial Desk, LLC
More information about the Thinlinc-technical
mailing list