[Freeipa-users] Re: 2FA only for certain hosts/host groups

Ronald Wimmer via FreeIPA-users Wed, 29 Mar 2023 13:48:25 -0700

On 29.03.23 22:30, Ronald Wimmer via FreeIPA-users wrote:

Is it possible to enforce the second factor for a user only when tryingto login to specific hosts/host groups?
List here says yes...https://blog.delouw.ch/2016/10/16/freeipa-selective-2fa-authentication-indicators/
I'm gonna give it a try.

Sorry. Clicked on send to early... As I understand the link above, itwould just be a


ipa host-mod  --auth-ind=otp secure.linuxhost.at

instead of enabling the option for some user. Right?

(or ipa service-mod --auth-ind=otp http/secure.linuxhost.at for acertain service)

But when I set the auth indicator on a host it does not seem to work.What am I missing?


Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Freeipa-users] Re: 2FA only for certain hosts/host groups

Reply via email to