[krbdev.mit.edu #8027] Client RPC timeout during kadmin listprincs command
Tsu-Phong Wu via RT
rt-comment at krbdev.mit.edu
Thu Oct 16 09:36:14 EDT 2014
Hi,
One of our customer has a KDC with LDAP backend on separate machine.
The customer runs into RPC timeout while kadmin tries to retrieve 100k principles:
kadmin -p admin/admin -w password -q listprincs
get_principals: Communication failure with server while retrieving list.
The default 120 seconds client RPC timeout is not sufficient for 100k or more principles.
Increasing the default timer to a higher value may have negative impacts on responsiveness of clients and fail-over.
Should there be a configurable value in the client profile or a more adaptable algorithm?
Thanks.
Tsu-Phong
More information about the krb5-bugs
mailing list