I have been working on an OpenLDAP Self Registration/Password Reset Portal in Go that I will be releasing under a BSD license. Its still very much embryonic but if you are interested in taking an early look, please let me know. I'd love to get feedback on it.
Kind regards, Killian
I would a modern replacement for PWM....
On Jan 29, 2025, at 9:28 AM, killian.greig@gmail.com wrote:
I have been working on an OpenLDAP Self Registration/Password Reset Portal in Go that I will be releasing under a BSD license. Its still very much embryonic but if you are interested in taking an early look, please let me know. I'd love to get feedback on it.
Kind regards, Killian
I am working since a long time on LTB Self Service Password: https://github.com/ltb-project/self-service-password/
It is written in PHP and wortks with OpenLDAP and other LDAP directories
We don't hae yet the self registration feature, but it is available in LemonLDAP::NG, another product on which I work: https://lemonldap-ng.org/documentation/latest/register.html
We also have a user creation workflow in the roadmap of LTB Service Desk: https://github.com/ltb-project/service-desk/issues/59
Any help is welcome!
Clément.
Le ven. 31 janv. 2025 à 00:10, ogg@sr375.com a écrit :
I would a modern replacement for PWM....
On Jan 29, 2025, at 9:28 AM, killian.greig@gmail.com wrote:
I have been working on an OpenLDAP Self Registration/Password Reset
Portal in Go that I will be releasing under a BSD license. Its still very much embryonic but if you are interested in taking an early look, please let me know. I'd love to get feedback on it.
Kind regards, Killian
would like to avoid php as much as possible. just a personal choice
On Jan 31, 2025, at 8:16 AM, Clément OUDOT clem.oudot@gmail.com wrote:
I am working since a long time on LTB Self Service Password: https://github.com/ltb-project/self-service-password/
It is written in PHP and wortks with OpenLDAP and other LDAP directories
We don't hae yet the self registration feature, but it is available in LemonLDAP::NG, another product on which I work: https://lemonldap-ng.org/documentation/latest/register.html
We also have a user creation workflow in the roadmap of LTB Service Desk: https://github.com/ltb-project/service-desk/issues/59
Any help is welcome!
Clément.
Le ven. 31 janv. 2025 à 00:10, <ogg@sr375.com mailto:ogg@sr375.com> a écrit :
I would a modern replacement for PWM....
On Jan 29, 2025, at 9:28 AM, killian.greig@gmail.com mailto:killian.greig@gmail.com wrote:
I have been working on an OpenLDAP Self Registration/Password Reset Portal in Go that I will be releasing under a BSD license. Its still very much embryonic but if you are interested in taking an early look, please let me know. I'd love to get feedback on it.
Kind regards, Killian
Is it a CGI script, or is it more like a standalone web server, or is it completely different? Maybe present some README here 😉
Kind regards, Ulrich Windl
-----Original Message----- From: killian.greig@gmail.com killian.greig@gmail.com Sent: Wednesday, January 29, 2025 6:29 PM To: openldap-technical@openldap.org Subject: [EXT] OpenLDAP Self Registration/Password Reset Portal
I have been working on an OpenLDAP Self Registration/Password Reset Portal in Go that I will be releasing under a BSD license. Its still very much embryonic but if you are interested in taking an early look, please let me know. I'd love to get feedback on it.
Kind regards, Killian
Hello,
so far, I used libpam-google-authenticator as a second factor for two-factor-authentication, the first factor is OpenLDAP.
Now, I read that OpenLDAP supports google-authenticator-like authentication directly - but I do not want to create new 2FA-secrets.
So:
Is it possible to convert the secret from ${HOME}/.google_authenticator to OpenLDAP format?
Regards Christoph
On Tue, Feb 04, 2025 at 04:38:23PM +0100, Christoph Pleger wrote:
Hello,
so far, I used libpam-google-authenticator as a second factor for two-factor-authentication, the first factor is OpenLDAP.
Now, I read that OpenLDAP supports google-authenticator-like authentication directly - but I do not want to create new 2FA-secrets.
So:
Is it possible to convert the secret from ${HOME}/.google_authenticator to OpenLDAP format?
Hi Christoph, yes, should be possible to use the otp overlay for this: https://openldap.org/software/man.cgi?query=slapo-otp
You can look at test080/081 in the OpenLDAP test suite on how to set it up or there's also a Symas KB article[0] you can follow. https://kb.symas.com/configure-time-based-one-time-passwords-totp.html
Regards,
openldap-technical@openldap.org
-
Christoph Pleger -
Clément OUDOT -
killian.greig@gmail.com -
ogg@sr375.com -
Ondřej Kuzník -
Windl, Ulrich