Any time a principal obtains a ticket, including a ticket-granting ticket, the ticket's lifetime is set as the smallest of the following lifetime values:
The lifetime value specified by the -l option of kinit, if kinit is used to get the ticket.
The maximum lifetime value (max_life) specified in the kdc.conf file.
The maximum lifetime value specified in the Kerberos database for the service principal providing the ticket. (In the case of kinit, the service principal is krbtgt/realm.)
The maximum lifetime value specified in the Kerberos database for the user principal requesting the ticket.
The following figure shows how a TGT's lifetime is determined and illustrates where the four lifetime values come from. Even though the figure shows how a TGT's lifetime is determined, basically the same thing happens when any principal obtains a ticket. The only differences are that kinit doesn't provide a lifetime value, and the service principal providing the ticket provides a maximum lifetime value (instead of the krbtgt/realm principal).
The renewable ticket lifetime is also determined from the minimum of four values, but renewable lifetime values are used instead:
The renewable lifetime value specified by the -r option of kinit, if kinit is used to obtain or renew the ticket
The maximum renewable lifetime value (max_renewable_life) specified in the kdc.conf file
The maximum lifetime renewable value specified in the Kerberos database for the service principal providing the ticket (in the case of kinit, the service principal is krbtgt/realm)
The maximum lifetime renewable value specified in the Kerberos database for the user principal requesting the ticket