Hi,
I am looking for an OLC config example for the TOTP module. I would like to try the TOTP module, but I can't get it to work because I am not sure how to load it and set it up. Also, I don't know what to expect once it is loaded.
I am using Ubuntu Wily 64-bit server, which uses on-line configuration (OLC).
Compiled it from git. Used tag OPENLDAP_REL_ENG_2_4_42 and cherry-picked the totp directory from HEAD.
./configure --prefix=/usr/local/openldap --enable-overlays=yes --enable-ldap --enable-spasswd --enable-modules
Also compiled the totp module in its own directory and installed it.
ls -al /usr/local/libexec/openldap
-rw-r--r-- 1 root root  93234 Nov 13 22:51 pw-sha2.a
-rw-r--r-- 1 root root    928 Nov 13 22:51 pw-sha2.la
lrwxrwxrwx 1 root root     16 Nov 13 22:51 pw-sha2.so -> pw-sha2.so.0.0.0
lrwxrwxrwx 1 root root     16 Nov 13 22:51 pw-sha2.so.0 -> pw-sha2.so.0.0.0
-rwxr-xr-x 1 root root  72512 Nov 13 22:51 pw-sha2.so.0.0.0
-rw-r--r-- 1 root root 102352 Nov 13 22:50 pw-totp.a
-rw-r--r-- 1 root root    928 Nov 13 22:50 pw-totp.la
lrwxrwxrwx 1 root root     16 Nov 13 22:50 pw-totp.so -> pw-totp.so.0.0.0
lrwxrwxrwx 1 root root     16 Nov 13 22:50 pw-totp.so.0 -> pw-totp.so.0.0.0
-rwxr-xr-x 1 root root  69696 Nov 13 22:50 pw-totp.so.0.0.0
I modified the config file /etc/ldap/slapd.d/cn=config/cn=module{0}.ldif, which looks like this:
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
structuralObjectClass: olcModuleList
entryUUID: 628d5926-2244-1034-90e2-d7e1d71167a8
creatorsName: cn=config
createTimestamp: 20141227184617Z
entryCSN: 20141227184617.050515Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20141227184617Z

dn: cn=module
objectClass: olcModuleList
cn: module
olcModulePath: /usr/local/libexec/openldap
olcModuleLoad: pw-totp

dn: olcOverlay=totp,olcDatabase=hdb,cn=config
olcOverlay: totp
I can run it with /usr/local/openldap/libexec/slapd -u openldap -g openldap -F /etc/ldap/slapd.d -d config.
Again, I don't know what to expect if the module is loaded. Who can help me further?
Greetings,
René van Dorst.
--On Saturday, November 14, 2015 6:44 PM +0000 René van Dorst opensource@vdorst.com wrote:
Hi,
I am looking for an OLC config example for the TOTP module. I would like to try the TOTP module, but I can't get it to work because I am not sure how to load it and set it up. Also, I don't know what to expect once it is loaded.
In your example, you're mixing loading modules from two different builds of OpenLDAP -- the OS-provided build and your build in /usr/local, which could lead to all sorts of problems.
You likely want something more like:
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/local/libexec/openldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}pw-totp
structuralObjectClass: olcModuleList
entryUUID: 628d5926-2244-1034-90e2-d7e1d71167a8
creatorsName: cn=config
createTimestamp: 20141227184617Z
entryCSN: 20141227184617.050515Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20141227184617Z
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
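Added example, not part of the original thread or of OpenLDAP: a small check for the problem described in the reply above, that the cn=module entries pull modules from more than one install tree. The function names are hypothetical and the sample LDIF is constructed from the two cn=module entries in the first message.

```python
import re
from collections import defaultdict

# Constructed sample: the two cn=module entries from the first message,
# trimmed to the attributes that matter for this check.
SAMPLE_LDIF = """\
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb

dn: cn=module
objectClass: olcModuleList
cn: module
olcModulePath: /usr/local/libexec/openldap
olcModuleLoad: pw-totp
"""

def parse_module_entries(ldif_text):
    """Return [(dn, module_path, [module, ...])] for each olcModuleList entry."""
    # LDIF continuation lines start with a single space; unfold them first.
    unfolded = re.sub(r"\n ", "", ldif_text)
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        attrs = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            key, _, value = line.partition(":")
            attrs[key.strip().lower()].append(value.strip())
        if "olcmodulelist" not in (v.lower() for v in attrs["objectclass"]):
            continue
        # Strip the {n} ordering prefix that cn=config puts on values.
        mods = [re.sub(r"^\{\d+\}", "", m) for m in attrs["olcmoduleload"]]
        path = attrs["olcmodulepath"][0] if attrs["olcmodulepath"] else None
        entries.append((attrs["dn"][0], path, mods))
    return entries

def mixed_module_paths(ldif_text):
    """Map each olcModulePath to its modules; more than one key means a mix."""
    by_path = defaultdict(list)
    for _dn, path, mods in parse_module_entries(ldif_text):
        by_path[path].extend(mods)
    return dict(by_path)

if __name__ == "__main__":
    for path, mods in mixed_module_paths(SAMPLE_LDIF).items():
        print(f"{path}: {', '.join(mods)}")
```

More than one path in the result means slapd is being asked to load modules from different directories, which is the situation the reply warns about.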
On Sat, 14 Nov 2015 18:44:46 +0000, René van Dorst opensource@vdorst.com wrote:
Hi,
I am looking for an OLC config example for the TOTP module. I would like to try the TOTP module, but I can't get it to work because I am not sure how to load it and set it up. Also, I don't know what to expect once it is loaded.
[...]
I can run it with /usr/local/openldap/libexec/slapd -u openldap -g openldap -F /etc/ldap/slapd.d -d config.
Again, I don't know what to expect if the module is loaded. Who can help me further?
https://sys4.de/de/blog/2015/11/09/totp-time-based-one-time-password-authent...
-Dieter
openldap-technical@openldap.org