So, It looks like tokens are working on LDAP too. Is there any way to disable 2FA on LDAP?
Thanks On Thu, Feb 22, 2018 at 3:52 PM, Maciej Drobniuch <m...@collective-sense.com> wrote: > Hey All, > > I want to authenticate with an external app to ldap ipa. > > So I've created a user for the bind: > dn: uid=sysaccount,cn=sysaccounts,cn=etc,dc=example,dc=com > changetype: add > objectclass: account > objectclass: simplesecurityobject > uid: system > userPassword: somepass123 > passwordExpirationTime: 20380119031407Z > nsIdleTimeout: 0 > > The external app runs the LDAP check successfully and can see the users > that belong to the group that's allowed to login. > > Problem: > I can not login with the default "admin" account but I can not login with > any other account that's in the dn into the app. > Response is: "Invalid credentials" > > base: 'cn=users,cn=accounts,dc=example,dc=com' > user_filter: '(memberOf=cn=gitlab-users,cn=groups,cn=accounts,dc=example, > dc=com)' > > Any ideas? > > Thank You! > > -- > Best regards > > Maciej Drobniuch > Network Security Engineer > Collective-Sense,LLC > -- Best regards Maciej Drobniuch Network Security Engineer Collective-Sense,LLC
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org