[23708] in Kerberos

home help back first fref pref prev next nref lref last post

Immediate password propagation

daemon@ATHENA.MIT.EDU (Rahul.Jain@wellsfargo.com)
Tue Apr 12 20:27:40 2005

content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Tue, 12 Apr 2005 19:26:47 -0500
Message-ID: <C4E630F8313DF14C982F9FC7CCCF2A2A2FE34C@msgswbmnmsp18.wellsfargo.com>
From: <Rahul.Jain@wellsfargo.com>
To: <kerberos@mit.edu>
Content-Type: text/plain;
	charset="us-ascii"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit

Is there a way or a plan to implement immediate propagation of password
changes?

 

If a client GSS implementation does not support the DNS
_kerberos-master._udp SRV record and it gets load-balanced to a slave
KDC, it will fail authentication if replication hasn't yet completed,
right? Or is that implemented in the MIT KDC code itself when it
recognizes that it is configured as a slave? Is there a way to use the
standard kpasswd and have the master KDC push the new password to the
slaves itself if the GSS implementation needs to be aware of this setup?

 

TIA,

Rahul Jain

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post