Kerberos Client Version C.1.3.5.03 Release Notes

Kerberos Client C.1.3.5.03 Release Notes
Defect Fixes in This Version
Chapter 118
JAGaf54263 When the primary administrative server is
unavailable, the kpasswd utility times out instead of
failing over to the secondary server.
This defect has been fixed in this release of Kerberos.
When the primary server fails, the kpasswd utility
attempts to fail over to other administrative servers
in the list by having a configurable timeout value
called kpasswd_timeout. See the krb5.conf manpage
for more information.
NOTE: If you list a secondary administrative server,
the password can get updated on the secondary
server, causing inconsistencies if there is no password
synchronization mechanism from the secondary to
the primary server. This occurs in the following cases:
The secondary server is listed above the primary.
In this case, the admin_server will find the
secondary server first and update the password
on the secondary server.
If none of the servers listed above the secondary
server respond, the admin_server will update
the password on the secondary server.
Table 1-2 Defect Fixes (Continued)
JAG ID DESCRIPTION