The documentation later tells you how to replicate these attributes:
- *passwordRetryCount*
- *retryCountResetTime*
- *accountUnlockTime*
*
*
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replicat...
I'm using this with multi-master replication across 3 servers and works
fine. Just make sure to heed the advice about ensuring the policy is setup
the same on all the servers:
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Mana...
Enjoy!
On Wed, Jul 7, 2010 at 9:03 AM, Gerrard Geldenhuis <
Gerrard.Geldenhuis(a)betfair.com> wrote:
Hi
The documentation clearly states that password modification history is not
replicated including account lockout counters. To me that seems a bit
pointless to have if your servers are authenticating against a cluster of 4
machines. There is no guarantee that next time when you change your password
that the history will be captured by the same server.
I am sure I am not the only person that has had to deal with this dilemma
and am curious about other possible solutions to this problem. The problem
being to keep a shared used password between multi masters. I would really
appreciate any thoughts or shared expierences in dealing with the
limitations of the password policy in a multimaster environment.
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users