Thanks you all. Let me give a try.

Thanks


On Thu, Jul 11, 2013 at 11:47 PM, Dan White <dwhite@olp.net> wrote:
On 07/11/13 18:49 +0200, Dieter Klünter wrote:
Am Thu, 11 Jul 2013 21:46:40 +0530
schrieb Vishesh kumar <linuxtovishesh@gmail.com>:

Do anyone point me right direction for setting up OTP authentication
in openldap. Reference to URL or guide will be sufficient.

If openldap has been compiled with cyrus-sasl, you have to add otp to
the sasl mechanism list. Read on opie(4), opiepasswd(1) and opiekeys(5)
in order to create keys.

If cyrus-sasl is compiled with opie disabled, it will use your configured
auxprop plugin to store and retrieve the otp keys. Slapd will, by
default, store those keys internally within the user's entry.

You'll need an appropriate schema definition such as
http://web.olp.net/dwhite/openldap/cmusasl.schema.

With this approach, you can populate the otp key for a given user by using
the ldapdb auxprop plugin, and with saslpasswd2:

cat > /usr/lib/sasl2/saslpasswd.conf <<EOF
auxprop_plugin: ldapdb
ldapdb_uri: ldapi:///
ldapdb_mech: EXTERNAL
EOF

saslpasswd2 -n jsmith@example.org

--
Dan White




--
http://linuxmantra.com