18 Jan
2023
18 Jan
'23
8:29 a.m.
While working on this matter I discovered that there is not only the slap-totp contrib module, but also the slapo-otp openldap module.
With that one, I managed to get bind-authentication + 2FA to work; thanks to the test code in openldap. This work so far when the user entry has a userPassword attribute and is allowed to bind. The bind call also gives the userpassword and 2FA token in the credentials.
Now I would like to achieve, that only TOTP authentication is done. Would this be possible with slapo-otp? Or am I in a dead end here?
(see attached info.txt ldif, console and slapd debug)
Many thanks,
--
Bastian Tweddell Juelich Supercomputing Centre
phone: +49 (2461) 61-6586 HPC in Neuroscience, HPS
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Volker Rieke
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens,
Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------