Hey,
my deployment is a multimaster ldap / Kerberos Setup... i made a „Script“ to
install it on Debian/ubuntu. You can have it if you want... it is for testing.
Thor
Sent from my iPhone
> On 2. Feb 2019, at 19:48, Benjamin Kaduk wrote:
>
> LDAP is the only builtin KDC backend that supports
LDAP is the only builtin KDC backend that supports multi-master KDCs at
all. (I don't know whether there are any public out-of-tree backends that
do so.)
So, while you could use the LDAP backend with a single LDAP master and
multiple KDC masters, that master LDAP server would be a SPOF.
-Ben
Would it be possible to not leverage ldap for multiple-master deployment?
On Sat, Feb 2, 2019 at 1:14 PM Benjamin Kaduk wrote:
> Most of the instances I've heard about that use multi-master KDCs also use
> multi-master LDAP replication, to avoid the SPOF.
>
> -Ben
>
> On Sat, Feb 02, 2019 at
Most of the instances I've heard about that use multi-master KDCs also use
multi-master LDAP replication, to avoid the SPOF.
-Ben
On Sat, Feb 02, 2019 at 11:12:33AM -0500, Yegui Cai wrote:
> Hi Thor.
> So you have a shared ldap? If so, could that ldap be a single point of
> failure?
>
> Thanks,
Hey Yegui,
I use a mutli master setup. For the sync I use openldap.
Greeting Thor
> On 2. Feb 2019, at 15:38, Yegui Cai wrote:
>
> Hi all.
> I know the official document recommend master-slave deployment for
> production environment.
> Wonder if any try to do a master-master deployment? If
Hi Thor.
So you have a shared ldap? If so, could that ldap be a single point of
failure?
Thanks,
Yegui
On Sat, Feb 2, 2019 at 11:10 AM t Seeger wrote:
> Hey Yegui,
>
> I use a mutli master setup. For the sync I use openldap.
>
> Greeting Thor
>
> On 2. Feb 2019, at 15:38, Yegui Cai wrote:
>
>
Hi all.
I know the official document recommend master-slave deployment for
production environment.
Wonder if any try to do a master-master deployment? If yes, how could you
sync between two masters?
Thanks,
Yegui
Kerberos mailing list
Hi all.
I just found out that the issue was caused by some race conditions when I
experiment with master-master deployment. Please ignore this thread.
Cheers,
Yegui
On Fri, Feb 1, 2019 at 11:20 AM Yegui Cai wrote:
> Hi all.
>
> I run KDC 1.15.1. At the host, I use kadmin.local to add a
