[Authentication] realmd: Faster discovery, generic kerberos discovery
Stef Walter
stefw at gnome.org
Thu Aug 23 02:56:36 PDT 2012
Some more patches for realmd.
The first patch is one that makes the discovery of kerberos realms much
faster:
https://bugs.freedesktop.org/show_bug.cgi?id=53956
In particular discovery of IPA is harder to do in a fixed amount of
time. We actually try to connect to the server to retrieve its
certificate, and this can block for a long time given a firewall. This
was slowing down discovery of non IPA domains.
So the patches at the above bug, integrate the discovery into a single
class, which discovers everything about a server all at once. It does
IPA server in parallel and limits initial connection attempt to 5
seconds. If server is discovered as being AD, then we short-circuit IPA
discovery.
Also another patch, which enables discovery of generic kerberos realms:
https://bugs.freedesktop.org/show_bug.cgi?id=53958
We can't actually enroll in generic kerberos realms, but discovery is
nice to have. gnome-online-accounts wants to use this feature.
Any review, sanity checking, or testing is super appreciated.
Cheers,
Stef
More information about the Authentication
mailing list