Hi!
You should really find out the difference of BASE64 in LDIF that follows single or a double colon 😉 Trying is probably a bad idea.
Kind regards, Ulrich Windl
-----Original Message----- From: Christoph Pleger Christoph.Pleger@cs.tu-dortmund.de Sent: Tuesday, February 11, 2025 11:31 AM To: OndÅ™ej KuznÃk ondra@mistotebe.net Cc: Bastian Tweddell b.tweddell@fz-juelich.de; openldap- technical@openldap.org Subject: [EXT] Re: TOTP and OpenLDAP
Hello,
I assume that's because you wrote the base64 value to the entry, what you want to store in the database is the raw secret (output of base32 -d). But if you want to use ldapmodify, you need to use LDIF and that's where you use base64 and "::" to indicate the data you provided is base64 encoded, that's what's described in the guide.
Thank you, it's working now. Probably, the missing second ':' was the problem - I had it in my ldif in the beginning, but at some point removed it because I thought it was a typo ...
Regards Christoph