[Fedora-directory-users] Account lockout
Richard Megginson
rmeggins at redhat.com
Thu Oct 12 19:45:15 UTC 2006
Jason Russler wrote:
> Hi all, I have two FDS 1.0.2 systems in a master/slave set-up (for
> redundancy purposes rather than load) that are for authenticating a
> small number of high-capacity systems (many users). The client
> systems are configured to access the slave system first and fail-over
> to the master if the slave is unavailable. Add/modify/delete
> requests posted to the slave (which are frequent) are referred along
> to the master and then replicated back. It all works normally.
>
> The problem is that when the slave server makes an update to itself,
> such as when user login attempt fails, the appropriate attribute is
> updated (in this case, passwordretrycount) rather than referred to the
> master - which makes sense I guess. I'd like these updates referred
> to the master because all of my user administration tools talk to the
> master - things like failed login attempts and temporally locked
> accounts never show up on the master. Is there a way I can do this
> (short of writing plugins) or do I have to work around it? Thanks,
> Jason
I think you'd have to use something like Chain on Update, which allows
the replica to follow the referral to the master itself.
http://directory.fedora.redhat.com/wiki/Howto:ChainOnUpdate
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20061012/7d77b484/attachment.bin>
More information about the Fedora-directory-users
mailing list