The documentation later tells you how to replicate these attributes: - *passwordRetryCount* - *retryCountResetTime* - *accountUnlockTime* * * http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Replicating-Password-Attributes.html#replicating-pwd-policy I'm using this with multi-master replication across 3 servers and works fine. Just make sure to heed the advice about ensuring the policy is setup the same on all the servers: http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Management.html#User_Account_Management-Managing_the_Password_Policy Enjoy! On Wed, Jul 7, 2010 at 9:03 AM, Gerrard Geldenhuis < Gerrard.Geldenhuis at betfair.com> wrote: > Hi > The documentation clearly states that password modification history is not > replicated including account lockout counters. To me that seems a bit > pointless to have if your servers are authenticating against a cluster of 4 > machines. There is no guarantee that next time when you change your password > that the history will be captured by the same server. > > I am sure I am not the only person that has had to deal with this dilemma > and am curious about other possible solutions to this problem. The problem > being to keep a shared used password between multi masters. I would really > appreciate any thoughts or shared expierences in dealing with the > limitations of the password policy in a multimaster environment. > > Regards > > ________________________________________________________________________ > In order to protect our email recipients, Betfair Group use SkyScan from > MessageLabs to scan all Incoming and Outgoing mail for viruses. > > ________________________________________________________________________ > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100707/048abb6f/attachment.html
