Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 61FAF3FB1F; Thu, 16 Oct 2014 09:36:13 -0400 (EDT) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s9GDaDtp017447; Thu, 16 Oct 2014 09:36:13 -0400 Received: from mailhub-dmz-2.mit.edu (mailhub-dmz-2.mit.edu [18.7.62.37]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s9G5Je3m008048 for ; Thu, 16 Oct 2014 01:19:40 -0400 Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu [18.9.25.14]) by mailhub-dmz-2.mit.edu (8.13.8/8.9.2) with ESMTP id s9G5JeJw024867 for ; Thu, 16 Oct 2014 01:19:40 -0400 X-Auditid: 1209190e-f79d46d000003643-47-543f556a3650 Authentication-Results: symauth.service.identifier Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id 63.78.13891.B655F345; Thu, 16 Oct 2014 01:19:39 -0400 (EDT) Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s9G5Jb0D015049 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 16 Oct 2014 05:19:38 GMT Received: from userz7021.oracle.com (userz7021.oracle.com [156.151.31.85]) by ucsinet22.oracle.com (8.14.5+Sun/8.14.5) with ESMTP id s9G5Jbef012260 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Thu, 16 Oct 2014 05:19:37 GMT Received: from abhmp0016.oracle.com (abhmp0016.oracle.com [141.146.116.22]) by userz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s9G5Ja9T002437 for ; Thu, 16 Oct 2014 05:19:36 GMT MIME-Version: 1.0 Message-ID: <24d07985-73c2-43e9-914b-1da82b072d2d@default> Date: Wed, 15 Oct 2014 22:19:36 -0700 (PDT) From: Tsu-Phong Wu To: Subject: Client RPC timeout during kadmin listprincs command X-Mailer: Zimbra on Oracle Beehive Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline X-Source-Ip: ucsinet22.oracle.com [156.151.31.94] X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrJKsWRWlGSWpSXmKPExsUyZ7p8oG52qH2IwbRjFhYND4+zOzB6NJ05 yhzAGMVlk5Kak1mWWqRvl8CV0dBmVfCbpWLT7O+sDYw/mbsYOTkkBEwkbvf/BrMZBYwkdp97 xQoRF5O4cG89WxcjF4eQwAYmiYnLlzBDOMuZJI52LoJypjJJHOzpZIRwzjNKLJq0EWwWr4Cg xMmZT1ggbCuJ+U9vMoLYLALaEhdPrQKrYRPQkZi2ZAUbiC0iICFx8tZqsN3CAjYSjefvsUPc oSTxb2s30BwODmYBdYn184RAwsxAY5YtfM0MEZaWWP6PA6LaUGJm23n2CYxCs5AcMQuheRaS 5lkIzQsYWVYxyqbkVunmJmbmFKcm6xYnJ+blpRbpGuvlZpbopaaUbmIEhrUQpyTfDsavB5UO MQpwMCrx8GoE24cIsSaWFVfmHmKU5GBSEuVlcQMK8SXlp1RmJBZnxBeV5qQWH2KU4GBWEuFl DgLK8aYkVlalFuXDpKQ5WJTEeTf94AsREkhPLEnNTk0tSC2CyTJxsB9ilOHgUJLgrQsB6hYs Sk1PrUjLzClBVsMJIrhA1vAArZkCUshbXJCYW5yZDlF0ilGXo6XpbS+TEEtefl6qlDjvVZDT BUCKMkrz4IbBUtQlRlkpYV5GBgYGIR6ga4CBgCr/ilEcGADCvBYgq3gy80rgNr0COoIJ6IiJ obYgR5QkIqSkGhjTIrXPt5kY6E9tPrjlynyFiKhzr9LPVP9oP5X4982UT48FFuWH6IZ8XP7O w7304P/Pxw7u+6Y18Xurxv95Z+r2FDtHne75ukZTep+2RuTGhyJzEn+s1Ept42QqCV7yaZPR vEsfLvF/cGQq6uWcG9RwZZlr04HzqwrKrjQ86K3atPJHroif1hw5JZbijERDLeai4kQApNEv 8UwDAAA= Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by pch.mit.edu id s9G5Je3m008048 X-Mailman-Approved-At: Thu, 16 Oct 2014 09:36:12 -0400 X-Beenthere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu Content-Length: 606 Hi, One of our customer has a KDC with LDAP backend on separate machine. The customer runs into RPC timeout while kadmin tries to retrieve 100k principles: kadmin -p admin/admin -w password -q listprincs get_principals: Communication failure with server while retrieving list. The default 120 seconds client RPC timeout is not sufficient for 100k or more principles. Increasing the default timer to a higher value may have negative impacts on responsiveness of clients and fail-over. Should there be a configurable value in the client profile or a more adaptable algorithm? Thanks. Tsu-Phong