Yuri Krysko via FreeIPA-users wrote: > Hello FreeIPA Community! > > My FreeIPA setup consists of two servers in master-master replication > scenario. I have recently made a change to LDAP schema to *not* > exclude *krbloginfailedcount *attribute* *from replication. I am seeing > incremental updates being pushed from the server where failed login > occurs, and the other freeIPA server acquires these replication updates, > however it does not seem to update its *krbloginfailedcount *for the > respective user. Hence, my goal to have user account locked out after X > number of failed logins irrespective of the auth server is not > successful, as each server still seems to maintain its own version of > failed auth attempts. Am I doing something wrong?
We would need to see what changes you made. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org