[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: errant SASL/GSSAPI setup?

To: openldap-software@OpenLDAP.org
Subject: Re: errant SASL/GSSAPI setup?
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Thu, 31 Aug 2006 13:08:20 -0700
Content-disposition: inline
In-reply-to: <17655.16661.142680.435012@CCC1.WPI.EDU>
References: <17654.62034.377949.134006@CCC1.WPI.EDU> <4D4385E96244FC32A9613FE6@SW-90-717-287-3.stanford.edu> <AC79B98AE183B457CFEBB63A@SW-90-717-287-3.stanford.edu> <17655.16661.142680.435012@CCC1.WPI.EDU>

--On Thursday, August 31, 2006 4:05 PM -0400 "Allan E. Johannesen" <aej@WPI.EDU> wrote:

First, as the subject has always said, I figure I've done something odd.
However, I don't know what that is.

"quanah" == Quanah Gibson-Mount <quanah@stanford.edu> writes:


quanah> Do you have some type of limits set on the master for
connections?  If quanah> you do, you need to bypass those for your
replicas repliation DN with quanah> the "limits" command in the master's
slapd.conf.

No, I didn't have an explicit limit for it.  In my ignorance didn't think
the root DN was limited.

You use the rootdn for replication? Ouch... it is highly advised that one not do that.

I've installed a limit and I'll run another test.

However, why does it time out when the ticket expires, whether that's 4
minutes or 10 hours?


Well, I'm curious about the Kerberos libraries you are using...

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- Re: errant SASL/GSSAPI setup?
  - From: "Allan E. Johannesen" <aej@WPI.EDU>
- Re: errant SASL/GSSAPI setup?
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: errant SASL/GSSAPI setup?
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: errant SASL/GSSAPI setup?
  - From: "Allan E. Johannesen" <aej@WPI.EDU>

Prev by Date: proxy + backend meta + rewrite
Next by Date: Re: errant SASL/GSSAPI setup?
Index(es):
- Chronological
- Thread