Password History in a Replicated Environment
 

The documentation later tells you how to replicate these attributes:



passwordRetryCount



retryCountResetTime

accountUnlockTime




http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Replicating-Password-Attributes.html#replicating-pwd-policy




I'm using this with multi-master replication across 3 servers and works fine. *Just make sure to heed the advice about ensuring the policy is setup the same on all the servers:


http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Management.html#User_Account_Manageme nt-Managing_the_Password_Policy




Enjoy!
On Wed, Jul 7, 2010 at 9:03 AM, Gerrard Geldenhuis <Gerrard.Geldenhuis@betfair.com> wrote:


Hi

The documentation clearly states that password modification history is not replicated including account lockout counters. To me that seems a bit pointless to have if your servers are authenticating against a cluster of 4 machines. There is no guarantee that next time when you change your password that the history will be captured by the same server.





I am sure I am not the only person that has had to deal with this dilemma and am curious about other possible solutions to this problem. The problem being to keep a shared used password between multi masters. I would really appreciate any thoughts or shared expierences in dealing with the limitations of the password policy in a multimaster environment.





Regards



__________________________________________________ ______________________

In order to protect our email recipients, Betfair Group use SkyScan from

MessageLabs to scan all Incoming and Outgoing mail for viruses.



__________________________________________________ ______________________

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users