Renewing Kerberos ticket
From: Amihai Bareket (amihai73_at_hotmail.com)
Date: 03/01/05
- Next message: Roger Abell: "Re: How do Unix grep, find, sort?"
- Previous message: Roger Abell: "Re: Deny _WRITE_ access to a file"
- Next in thread: Roger Abell: "Re: Renewing Kerberos ticket"
- Reply: Roger Abell: "Re: Renewing Kerberos ticket"
- Reply: Steve Clark [MSFT]: "Re: Renewing Kerberos ticket"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 1 Mar 2005 07:49:35 +0200
I'm working with a script that's creating new AD Security groups and
changing their membership.
The user that runs the script is added as a member of the new groups.
Once the groups are created I need the script to create folders and set ACL
on these folders using the new groups.
Because the groups are newly created, the information that indicates that
the logged in user (the one that's running the script) is a member of the
new groups is not included in the Kerberos ticket he's been granted on
logon.
The permission change on the file system fails because of this with an
access denied message (makes sense...). I'm using XCACLS to set the
permissions on the new folders.
Is there a way to request a renewal to a user's Kerberos ticket from a
script or batch so that he will receive a new or renewed ticket with the new
group information?
- Next message: Roger Abell: "Re: How do Unix grep, find, sort?"
- Previous message: Roger Abell: "Re: Deny _WRITE_ access to a file"
- Next in thread: Roger Abell: "Re: Renewing Kerberos ticket"
- Reply: Roger Abell: "Re: Renewing Kerberos ticket"
- Reply: Steve Clark [MSFT]: "Re: Renewing Kerberos ticket"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
