View Tickets

MIT Kerberos displays your tickets in the main window. The tickets (if any) are organized by the principal who owns them. To the right of the principal are columns with information about the tickets.

To show or hide information columns, use the View Options panel in the Options tab. How to: Use View Options Panel
To make a column wider or narrower, click and drag the line separating two column headings.
To see information for all of a principal's tickets, click the arrow next to the principal name. Otherwise the information displayed applies only to the initial Ticket Granting Ticket (TGT).

Use the table below to jump to a column description, or scroll down to view all available columns.

Learn about...	Principal Issued Renewable Until Valid Until Encryption Type Flags (renewable and forwardable)

Column	Description
Principal	The identity that has obtained the ticket. This is your user name (e.g., `Jsmith`) plus the Kerberos realm (or Windows domain) you belong to (e.g., `@SERVER.MEGACORP.COM`). If like many users you have only one Kerberos name and belong to only one realm, you will have only one principal. The principal that is currently the default principal appears in bold. About: Default Principals The information displayed in the columns to the right of the principal applies only to the principal's initial Ticket Granting Ticket (TGT). Click the arrow in front of the principal name to expand the view. The expanded view shows all of the tickets and session keys issued to the principal. The TGT is listed with a prefix of krbtgt. Any other tickets and session keys were automatically issued when you accessed a service through Kerberos. About: Kerberos Terminology (Tickets)
Issued	The date and time the ticket was originally obtained.
Renewable Until	The date and time marking the end of each ticket's renewable lifetime. If the column is wide enough you will also see the number of days and hours remaining in the ticket's renewable lifetime. After this time, you cannot renew the ticket and must instead get a new one. If this column shows Not Renewable, the ticket was not flagged as renewable when you obtained it. Related Help: About renewable tickets Renew tickets
Valid Until	The date and time the ticket will expire and can no longer be used or renewed. If the column is wide enough you will also see the number of hours and minutes remaining before the ticket expires. Kerberos alerts you to expiring tickets with a warning in a pop up window. To add an audible warning, open the Options tab and select Expiration Alarm in the Ticket Options panel. How to: Use Ticket Options Panel
Encryption Type	Shows what type of encryption was used to encode the session key and the ticket. Kerberos supports multiple types of encryption. The type used for a particular ticket or session key is automatically negotiated when you request a ticket or a service. About: Encryption Types
Flags	Shows how the tickets were flagged (renewable and/or fowardable) when you obtained them. You cannot change how an existing flag is set. If you need a ticket with different flags, you must get a new ticket. Forwardable and Proxiable tickets can be forwarded to the remote host when you connect via telnet, ssh, ftp, rlogin, or similar applications. Renewable tickets can be renewed until the time and day shown in the Renewable Until column. Each time a ticket is renewed, its lifetime is extended by the length of the original ticket.