in Kerberos_V5_Development
Aggressive kinit timeouts
daemon@ATHENA.MIT.EDU (Jonathan Maron)
Tue Aug 7 06:47:22 2018
From: Jonathan Maron <firstname.lastname@example.org>
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Tue, 7 Aug 2018 06:46:54 -0400
To: "email@example.com" <firstname.lastname@example.org>
Content-Type: text/plain; charset="utf-8"
We have an LDAP realm setup that doesn’t communicate with a local LDAP DB, but rather goes through a number of gateways to access a remote LDAP resource. This introduces some latency that at times exceeds 1 second. That appears to be an issue - we often see authentication failures, possibly since the order of responses for repeated AS_REQ may be out of order? Anyhow, we are definitely seeing auth failures, and the 1 second timeout appears to play a role.
We are unfortunately still using version 1.10. Has this issue been addressed in subsequent versions? Is the 1 second timeout now configurable?
krbdev mailing list email@example.com