Ken Hornstein <[EMAIL PROTECTED]> wrote:
}> Hmmm, we've been using Kerberos since 1990 and
}> we currently have 38,608 principals (36,240 users).
}> All this time we've never had a hitch with V4
}I think it's all in how often you want to propagate your database.
}With MIT Kerberos, the database is locked during a dump, which
}means users can't change their passwords during that time. If you
}have a lot of principals, and you want to propagate your database
}twice an hour, then you'll have a problem :-)
Ah, true, that is a minor annoyance.
If nothing else you could make the admin server
dump a change log and propagate that 47 of the
48 times for the slave to apply. That should
be a fairly minor change.
}That's assuming, of course, that your users actually _change_ their
}passwords ...
Not a great assumption in an academic environment. :)
Today is the 1st day of spring semester, 4am-11am:
password changes:
43 new accounts created
8 people who forgot their passwords over break
13 people actually changed their password
(that works out to the average user changing their
password once every 3 years).
John
--
John Hascall, Software Engr. Shut up, be happy. The conveniences you
ISU Computation Center demanded are now mandatory. -Jello Biafra
mailto:[EMAIL PROTECTED]
http://www.cc.iastate.edu/staff/systems/john/welcome.html <-- the usual crud
