[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-technical
Subject:    Re: UNKNOWN attributeDescription "..." inserted.
From:       Quanah Gibson-Mount <quanah () fast-mail ! org>
Date:       2024-02-01 16:40:56
Message-ID: 33F1103E51B3ED3A7A56A1CF () [192 ! 168 ! 1 ! 14]
[Download RAW message or body]



--On Thursday, February 1, 2024 10:55 AM +0100 Bastian Tweddell 
<b.tweddell@fz-juelich.de> wrote:

> Our setup is to use TOTP as 2FA for ssh logins against the centralized
> LDAP infrstructure. The ssh-login 1FA is ssh pubkey (also in LDAP) and
> 2FA is TOTP. To achieve this we use a PAM module which does an ldapbind
> against the user-DN which has the userPassword schema '{TOTP1}'.
>
> Maybe I wrong or outdated here and slapo-opt also supports TOTP-only
> authentication now?

Ok, makes sense. Yeah, OTP does not support that scenario at this time.

--Quanah


[prev in list] [next in list] [prev in thread] [next in thread]