I think the point is quite real.
The bind operation can be the large part of traffic for authentication
systems.
Could be worth to file an issue/wish on bugzilla and continue the discussion
there?
Peace,
R.
--
Roberto Polli
Project Manager
Babel S.r.l. - http://www.babel.it
T:
In both A and B you could have a higher number of attempts than is
actually allowed before the replicated failed login attempts gets written
back to consumer where it will stop the user authenticating. There is a
marginal potential for higher number of potential requests if you don't
chain
Gerrard Geldenhuis wrote:
Hi
In our setup we have clients authenticating against a consumer server.
The consumer server is chained to the provider server for writes and
we have passwordpolicy configured including lockout settings. We
replicate all password data.
When I do a bind to
Gerrard Geldenhuis wrote:
Are you using Chain On Update for Binds?
http://directory.fedoraproject.org/wiki/Howto:ChainOnUpdate
We are indeed, we used that howto to set it up. Reading it now again it
does say it will use the chaining backend for binds. Why is that?