iprop_iprop_replica_poll=2m default...
Greg Hudson
ghudson at mit.edu
Sun Jan 12 17:54:12 EST 2020
On 1/10/20 8:22 PM, Tareq Alrashid wrote:
> Maybe I am missing something but changing the kdc.conf to any value...
>
> iprop_replica_poll=1s
> or even...
> iprop_replica_poll = 0.016666666666667m
> (for 1s= 1/60min!)
>
> Based on tailing the kadmind.log, it is showing the replica polling
> every 2m!?
If you are running a release prior to 1.17, you need to use the old name
iprop_slave_poll. (The old name still works in 1.17 as well.)
Also make sure to set the value on the machine running kpropd (not the
master KDC where kadmind is run), and to restart kpropd.
I don't think the delta time format supports floating point values, but
"1s" or just "1" should work.
> Final question if there is any negative impact for having replicas poll at often as one second or maybe it is best to be at higher numbers of seconds?
Polling every second will cause a little bit of work on the replica and
the master KDC each second, and use a little bit of network traffic.
With today's computers and networks it's probably going to have much impact.
More information about the Kerberos
mailing list