On Tue, 22 Sep 2015, Duncan McNaught wrote:
I realize that, thanks.
That's currently the only problem for us - getting 2FA to work.
Given that we rely on socket activation for ipa-otpd, you would need to
make a wrapper that would listen a unix domain socket and forward the
data between ipa-otpd stdin/stdout and that socket. This is what
provided to us by systemd.


Thanks
--Duncan
____________________________

Duncan McNaught
Infrastructure Engineer
Technologies | www.bitnet.io
+1 720 240 6575

On Tue, Sep 22, 2015 at 12:12 PM, Nathaniel McCallum <npmccal...@redhat.com>
wrote:

Running IPA in a container is very bleading edge. I would not be
surprised at all if you run into lots of problems.

On Tue, 2015-09-22 at 12:10 -0600, Duncan McNaught wrote:
> Thanks Nathaniel,
>   I am running with Jan's Centos-7 container and I'd like to have
> Multi-factor Authentication/2FA enabled.
> He mentioned that systemd is not running in the container, so I
> guess that explains why 2FA is failing. I wonder if I can get
> systemd running there.
> --Duncan
>
>
> Thanks
> --Duncan
> ____________________________
> Duncan McNaught
> Infrastructure Engineer
>  Technologies | www.bitnet.io
> +1 720 240 6575
>
> On Tue, Sep 22, 2015 at 6:55 AM, Nathaniel McCallum <npmccallum@redha
> t.com> wrote:
> > On Mon, 2015-09-21 at 16:49 -0600, Duncan McNaught wrote:
> > > Dear freeipa-users,
> > >
> > > I'm having an issue with otp in freeipa. I can set up the
> > service as
> > > described in the blog post for TOTP or HOTP, and sync the token
> > fine.
> > > When I try to login to the admin tools or an ipa-managed client
> > > (with <password><token>) , I get a password incorrect message.
> > > Here are some more details: https://github.com/adelton/docker-fre
> > eipa
> > > /issues/34
> > > Can anyone help me to debug/get this working?
> >
> > I'm very unclear as to what you are trying to do. Are you trying to
> > run FreeIPA in a container? If so, Jan is probably your man. AFAIK,
> > ipa-otpd will require systemd in the container.
> >
> > If you are trying to run this on CentOS 7.1 (not a container), it
> > seems to me that your LDAP server isn't running or something is
> > wrong
> > with ldapi.
> >
> > Can you explain your setup in more detail?
> >
> > Nathaniel
> >


--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project


--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to