On 4/28/15 6:44 AM, Nathaniel McCallum wrote:
On Fri, 2015-04-17 at 20:21 -0700, Janelle wrote:
On 4/17/15 5:59 PM, Dmitri Pal wrote:
On 04/17/2015 08:07 PM, Janelle wrote:
On Apr 17, 2015, at 16:36, Dmitri Pal <d...@redhat.com> wrote:
<snip> for shorter thread....
Sorry - I just got around to testing this and it does resolve the
problem - HOWEVER, you took away the ability to "Name" the tokens? They
are now "assigned" unique IDs??
Simple. And my test made it simple.
Stand up new vm running fc21/freeipa.
Login to the vm with the user created using password. Kerberos
ticket assigned, all is well.
Login to web interface with admin. Change user to OTP only.
Go to web UI and click sync OTP.
Enter username, password and 2 OTP sequences. Click sync. Error
Now, ssh to same vm using OTP username. Enter password + OTP
I can reproduce this issue with demo instance.
I will file a bug later today.
I think it is a bug with sync.
Which token do you use time based or event based?
Hmm, makes me wonder - with HOTP fail the same? Off to try it.
This should just affect TOTP. I have posted a patch that should fix
this problem. Are you able to test it?
Was this intentional?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project