Date: 25 Feb 1999 16:15:01 -0500 From: Chris Shenton <cshenton@uucom.com> To: shmit@kublai.com Cc: mike@seidata.com, GVB <gvbmail@tns.net>, freebsd-net@FreeBSD.ORG Subject: Re: RADIUS Solutions Message-ID: <86d82ytcbu.fsf@samizdat.uucom.com> In-Reply-To: Brian Cully's message of Thu, 25 Feb 1999 12:34:27 -0500 References: <19990223192031.C50175@kublai.com> <Pine.BSF.4.05.9902250233010.25461-100000@ns1.seidata.com> <19990225123427.C10052@kublai.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Cully <shmit@kublai.com> writes: > Not at all. The provisioning system pushes out new password databases > every four hours, and those databases are used in the majority of > the cases. However, we wanted instant provisioning as well, so when > we don't find an account in our local password database, we check > the provisioning system directly. This means that we only rarely > hit the network for account validation, and if the provisioning > system is down the only thing that fails is new account login. Won't this lose if the user exists in the cached password file but the password is wrong, e.g., if the user changed it on the master copy? I'd think you'd have synchronization problems.... Or do you push the change out when it occurs, like when the user changes his password? And not push the entire password file? Or something else? Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86d82ytcbu.fsf>