Changing is every 5 minutes still means you can't really login or do
anything until after 5 minutes have passed. And what do you do when your
password database is several megs and takes 2 or 3 minutes to transfer?
I hope (wish) there is a better way. This way just seems like the easy
hack. Its not really "replication," it just copying.
-----Original Message-----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: 3/24/2004 9:43 AM
Subject: kerberos password change in master-slave environ
All,
I have a kerberos master-slave (1 master, 4 slaves) environment.
When user changes password, master has the recent passwd while
the slaves have older password until kerberos database is propagated
(once in 5 hrs).
I have configured all clients/member unix servers so that they query
the slaves.
Problem: When user changes password the new password is unusable
until krb5 database is propagated.
Question: If a user changes password (using kpasswd), shouldn't the
slave
kerberos server check with master if it has a more recent
copy
of the password?
Is there a more elegant solution, than say propagating
corporate
wide
kerberos database every 5 min or so ?
thanks
-subu
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
