Password replication issues?

    #376071
    mlinde
    Participant

    Ok, maybe I’m just batty.

    I recently upgraded our OD system (part of Magic Triangle) from 10.4.11 to 10.5.6. That’s one ODM and 3 replicas. I will start with – I don’t know if this ever worked – but if an OD admin logs into their localized replica with WGM (instead of the ODM) and changes their password, that change won’t replicate back to the master. However, if they log into the master and change their password, it replicates down to the locals. Is this normal behavior? Or should I be looking for something that is broken?

    #376082
    broth
    Participant

    I have found password replication issues too.

    Using 10.5.6 with about 37,000 users.

    For instance, in a master – replica configuration, forcing passwords to change (using WGM) may cause problems. You may find that the login window will expand, a new password is entered, the screen shakes and you never get to the desktop.

    After about 4 months, Apple duplicated the problem. No word on a fix yet.

    I have also seen where after forcing a password change the new password is entered and the login is successful. But then go to another Mac, bound to a different replica, and get asked to change the password again.

    #376115
    mlinde
    Participant

    [QUOTE][u]Quote by: MacTroll[/u][p]One would hope that that would work…

    Not quite sure what to tell you if it doesn’t. You could start poking around with mkpassdb and look at the timestamps on the passwords.[/p][/QUOTE]
    Ok, now I need some serious wisdom. When I use mkpassdb -dump -v I get this great data (see below). When looking at the data, I checked date immediately – and got [code]Mon May 4 16:10:45 EDT 2009[/code] so the date is not wrong on the server, but the user is obviously hitting some strange time problem. user1 is local to this replica (EDT), user2 is in PDT – user3 is local to the ODM (as am I and user5). So anyone know where I look next for crazy time problems?
    [code]
    Slot # Account ID User Name Last Login Last Password Change Mod Date
    ———————————————————————————————————————————————-

    slot 0007: 0x47b1cc63011853f20000000d00000007 user1 06/17/2010 07:48:02 PM 05/13/2010 05:18:10 PM 06/17/2010 07:45:37 PM
    slot 0008: 0x47b1cd3e182caaa70000000e00000008 user2 04/30/2009 06:15:06 PM 06/18/2010 08:34:31 PM 04/30/2009 06:15:06 PM
    slot 0009: 0x47b1d17674255f2f0000000f00000009 user3 04/01/2009 04:18:57 PM 02/12/2008 12:12:49 PM 04/01/2009 04:18:57 PM
    slot 0010: 0x47b1d1c63fe49214000000100000000a mclinde 04/30/2009 12:49:38 PM 10/14/2008 01:03:09 PM 04/30/2009 12:49:38 PM
    slot 0011: 0x47b1eee3158a49db000000110000000b user5 04/01/2009 04:19:01 PM 02/12/2008 02:09:24 PM 04/01/2009 04:19:01 PM
    slot 0012: 0x47bf74d648993910000000120000000c user6 07/18/2010 07:05:20 PM 06/29/2010 12:21:30 AM 07/18/2010 05:01:15 PM
    …[/code]
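
Added example, not part of the original post or thread: a Python check that parses slot rows in the layout shown in the dump above and lists the accounts whose timestamps are later than the server's `date` output quoted in the post. The row layout is assumed from the dump as posted, the names `parse_dump` and `future_stamps` are made up for this example, and the one-day tolerance is an assumption.

```python
import re
from datetime import datetime, timedelta

# Row layout assumed from the dump as posted: slot, account ID, user name,
# then three "MM/DD/YYYY HH:MM:SS AM|PM" stamps in header order.
TS = r"(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2} [AP]M)"
ROW = re.compile(rf"^\s*slot (\d+): (0x[0-9a-fA-F]+) (\S+) {TS} {TS} {TS}\s*$")
FIELDS = ("Last Login", "Last Password Change", "Mod Date")

def parse_dump(text):
    """Yield (slot, user, {field: datetime}) for every slot row in the dump."""
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator, blank or truncated line
        stamps = [datetime.strptime(s, "%m/%d/%Y %I:%M:%S %p") for s in m.groups()[3:]]
        yield m.group(1), m.group(3), dict(zip(FIELDS, stamps))

def future_stamps(text, now, tolerance=timedelta(days=1)):
    """Map user -> [(field, lead over `now`)] for stamps later than now + tolerance.

    The tolerance is an assumption of this example: it absorbs time-zone
    differences between sites, since the dump shows no zone.
    """
    flagged = {}
    for _slot, user, stamps in parse_dump(text):
        ahead = [(f, t - now) for f, t in stamps.items() if t > now + tolerance]
        if ahead:
            flagged[user] = ahead
    return flagged

# Rows copied from the dump in the post above.
SAMPLE = """\
Slot # Account ID User Name Last Login Last Password Change Mod Date
slot 0007: 0x47b1cc63011853f20000000d00000007 user1 06/17/2010 07:48:02 PM 05/13/2010 05:18:10 PM 06/17/2010 07:45:37 PM
slot 0008: 0x47b1cd3e182caaa70000000e00000008 user2 04/30/2009 06:15:06 PM 06/18/2010 08:34:31 PM 04/30/2009 06:15:06 PM
slot 0009: 0x47b1d17674255f2f0000000f00000009 user3 04/01/2009 04:18:57 PM 02/12/2008 12:12:49 PM 04/01/2009 04:18:57 PM
slot 0010: 0x47b1d1c63fe49214000000100000000a mclinde 04/30/2009 12:49:38 PM 10/14/2008 01:03:09 PM 04/30/2009 12:49:38 PM
slot 0011: 0x47b1eee3158a49db000000110000000b user5 04/01/2009 04:19:01 PM 02/12/2008 02:09:24 PM 04/01/2009 04:19:01 PM
slot 0012: 0x47bf74d648993910000000120000000c user6 07/18/2010 07:05:20 PM 06/29/2010 12:21:30 AM 07/18/2010 05:01:15 PM
"""

# The server's `date` output quoted in the post (Mon May 4 16:10:45 EDT 2009).
NOW = datetime(2009, 5, 4, 16, 10, 45)

if __name__ == "__main__":
    for user, ahead in future_stamps(SAMPLE, NOW).items():
        for field, lead in ahead:
            print(f"{user}: {field} is {lead.days} days ahead of the server clock")
```

Running the same check against the dump from each replica and from the master shows whether the future-dated stamps exist on every server or only on some.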
