Aggressive kinit timeouts
jonathan.maron at oracle.com
Tue Aug 7 06:46:54 EDT 2018
We have an LDAP realm setup that doesn’t communicate with a local LDAP DB, but rather goes through a number of gateways to access a remote LDAP resource. This introduces some latency that at times exceeds 1 second. That appears to be an issue - we often see authentication failures, possibly since the order of responses for repeated AS_REQ may be out of order? Anyhow, we are definitely seeing auth failures, and the 1 second timeout appears to play a role.
We are unfortunately still using version 1.10. Has this issue been addressed in subsequent versions? Is the 1 second timeout now configurable?
More information about the krbdev