Hi folks,
I'm testing getting a samba server working against IPA.
Now, when adding a user via the interface, I get
IPA Error 4205: ObjectclassViolation
missing attribute "ipaNTSecurityIdentifier" required by object class
"ipaNTUserAt
7/24/15, 1:43 AM, "Martin Kosek" wrote:
>On 07/16/2015 06:58 PM, Bendl, Kurt wrote:
>> I'm planning our implementation of IdM/IPA, and I'm unclear about how I
>>can implement IPA's OTP for privileged access.
>>
>> I need to be able to set up
I'm planning our implementation of IdM/IPA, and I'm unclear about how I can
implement IPA's OTP for privileged access.
I need to be able to set up systems so:
* accounts can auth using traditional userid/password
* privileged access (sudo) requires OTP
We've done some testing, injecting a 3rd
gy 4225 E. Windrose Dr. Phoenix, AZ 85032
>
>-Original Message-
>From: freeipa-users-boun...@redhat.com
>[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Bendl, Kurt
>Sent: Thursday, July 09, 2015 3:16 PM
>To: freeipa-users@redhat.com
>Subject: [Freeipa
Hello,
I've been given a list of DNS info [ipaddress, FQDN]
to import into FreeIPA. The current DNS setup doesn't
allow me to do a zone transfer so the zone2dyndb-ldif
tool won't help me at the moment.
I'm hoping there is another method I can leverage to
do the import. Some kind of API call would
"There is no way to define per-service target 2FA yet in FreeIPA."
Oh, man... there you go using the "yet" word! ;-)
Thanks to you and Ben for the ideas. I'll hack around to see what makes
sense.
Thanks,
Kurt
On 5/27/15, 12:33 PM, "Alexander Bokovoy"
Hi,
I want to know if I can configure FreeIPA's native OTP solution to require an
account to use OTP when authenticating from a specific app (OpenVPN or
StrongSwan) but not require 2FA when logging into a system/server or the IPA
app.
My (not completely baked) thought is to provision the VPN s