kerberos password change in master-slave environ
Tim Alsop
Tim.Alsop at CyberSafe.Ltd.UK
Wed Mar 24 17:37:04 EST 2004
John,
For this to happen a user would have to be signed on at more than one system. If this does happen (unlikely) we accept the password change request that we receive first.
Tim.
-----Original Message-----
From: John Hascall [mailto:john at iastate.edu]
Sent: 24 March 2004 22:47
To: Tim Alsop
Cc: Kerberos List
Subject: Re: kerberos password change in master-slave environ
> Our KDC implements incremental propogation and provides the
> support for local password changes rather than a password change
> needing to connect to the master - we pass the password change
> request from slave to master(s) when received a nd then the
> master propogates this change back to ALL secondaries along with
> any updates made by administrators on the master. We rarely need
> to propogate the entire database since the slaves and masters are
> always in sync ...
Do you handle the case where a password gets changed
on KDC "a" and before it is replicated it is changed
on KDC "b" too? If so, how?
John
More information about the Kerberos
mailing list