-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/23/2010 04:32 PM, Simo Sorce wrote: > On Tue, 23 Nov 2010 16:07:47 -0500 > Rob Crittenden <[email protected]> wrote: > >> I don't want to throw a wrench in, but what if you have multiple >> replicas in various distant locations, WHICH server is the time >> relative to? > > By server I think Steve meant the machine currently evaluation the > access control decision. "Host" would have been a happier term.
No, I was actually talking about the FreeIPA server in this situation, but Rob is right that there is no guarantee in a multi-master situation that the servers themselves are in the same timezone. Given this, I think the only sane thing to do here is to always use UTC (and state clearly that this is what is happening) - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkztJaoACgkQeiVVYja6o6MPPgCglv9EY4OaQk6PaEEXhUIIdFu4 HVQAn1gqQom24AmJ/qMUoxWN/4mr/+M4 =hSe5 -----END PGP SIGNATURE----- _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
