Troubleshooting Kerberised NFSv4

Here is a list of the problems I've come across.
First install problems are not covered here. Refer to the step-by-step setup notes elsewhere on this site.

Mounts fail after tickets expire.
Tickets are automagically renewed (eg every 8 hours) but only up to the system configured limit. After that the tickets expire and a password is required.

My experience with solaris is that once the ticket has expired, existing kerberised shares return some form of 'permission denied' even after the ticket has been renewed. (Note I'm not sure what happens if the mount has _not_ been accessed after the expiration but before the ticket is renewed).
Anyhow one NFS server is aware the ticket expired it doesn't seem to check subsequent validations. Ie the mount needs to be unmounted and remounted. Irritating.
One way around this is to extend ticket renewals but that may impact security...

