Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora Directory (http://www.linux-archive.org/fedora-directory/)
-   -   Password History in a Replicated Environment (http://www.linux-archive.org/fedora-directory/396105-password-history-replicated-environment.html)

Aaron Hagopian 07-07-2010 04:21 PM

Password History in a Replicated Environment
 
The documentation later tells you how to replicate these attributes:



passwordRetryCount



retryCountResetTime

accountUnlockTime




http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Replicating-Password-Attributes.html#replicating-pwd-policy




I'm using this with multi-master replication across 3 servers and works fine. *Just make sure to heed the advice about ensuring the policy is setup the same on all the servers:


http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Management.html#User_Account_Manageme nt-Managing_the_Password_Policy




Enjoy!
On Wed, Jul 7, 2010 at 9:03 AM, Gerrard Geldenhuis <Gerrard.Geldenhuis@betfair.com> wrote:


Hi

The documentation clearly states that password modification history is not replicated including account lockout counters. To me that seems a bit pointless to have if your servers are authenticating against a cluster of 4 machines. There is no guarantee that next time when you change your password that the history will be captured by the same server.





I am sure I am not the only person that has had to deal with this dilemma and am curious about other possible solutions to this problem. The problem being to keep a shared used password between multi masters. I would really appreciate any thoughts or shared expierences in dealing with the limitations of the password policy in a multimaster environment.





Regards



__________________________________________________ ______________________

In order to protect our email recipients, Betfair Group use SkyScan from

MessageLabs to scan all Incoming and Outgoing mail for viruses.



__________________________________________________ ______________________

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


All times are GMT. The time now is 07:24 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.