[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: errant SASL/GSSAPI setup?

--On Thursday, August 31, 2006 4:05 PM -0400 "Allan E. Johannesen" <aej@WPI.EDU> wrote:

First, as the subject has always said, I figure I've done something odd.
However, I don't know what that is.

"quanah" == Quanah Gibson-Mount <quanah@stanford.edu> writes:

quanah> Do you have some type of limits set on the master for connections? If quanah> you do, you need to bypass those for your replicas repliation DN with quanah> the "limits" command in the master's slapd.conf.

No, I didn't have an explicit limit for it.  In my ignorance didn't think
the root DN was limited.

You use the rootdn for replication? Ouch... it is highly advised that one not do that.

I've installed a limit and I'll run another test.

However, why does it time out when the ticket expires, whether that's 4
minutes or 10 hours?

Well, I'm curious about the Kerberos libraries you are using...


-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html