On a related point to this note - Duncan, did you try to run your setup with
RPM version of FreeIPA? FreeIPA 4.2 is included both in RHEL-7.2 Beta or in
Fedora 23 Beta updates-testing repo, so you can try the latest and greatest
version there and thus find out if the problems you are seeing are specific to
the containerization or rather a general issue.

On 09/22/2015 08:12 PM, Nathaniel McCallum wrote:
> Running IPA in a container is very bleading edge. I would not be
> surprised at all if you run into lots of problems.
> On Tue, 2015-09-22 at 12:10 -0600, Duncan McNaught wrote:
>> Thanks Nathaniel,
>>   I am running with Jan's Centos-7 container and I'd like to have
>> Multi-factor Authentication/2FA enabled.
>> He mentioned that systemd is not running in the container, so I
>> guess that explains why 2FA is failing. I wonder if I can get
>> systemd running there.
>> --Duncan
>> Thanks
>> --Duncan
>> ____________________________
>> Duncan McNaught
>> Infrastructure Engineer
>>  Technologies | www.bitnet.io
>> +1 720 240 6575
>> On Tue, Sep 22, 2015 at 6:55 AM, Nathaniel McCallum <npmccallum@redha
>> t.com> wrote:
>>> On Mon, 2015-09-21 at 16:49 -0600, Duncan McNaught wrote:
>>>> Dear freeipa-users,
>>>> I'm having an issue with otp in freeipa. I can set up the
>>> service as
>>>> described in the blog post for TOTP or HOTP, and sync the token
>>> fine.
>>>> When I try to login to the admin tools or an ipa-managed client
>>>> (with <password><token>) , I get a password incorrect message.
>>>> Here are some more details: https://github.com/adelton/docker-fre
>>> eipa
>>>> /issues/34
>>>> Can anyone help me to debug/get this working?
>>> I'm very unclear as to what you are trying to do. Are you trying to
>>> run FreeIPA in a container? If so, Jan is probably your man. AFAIK,
>>> ipa-otpd will require systemd in the container.
>>> If you are trying to run this on CentOS 7.1 (not a container), it
>>> seems to me that your LDAP server isn't running or something is
>>> wrong
>>> with ldapi.
>>> Can you explain your setup in more detail?
>>> Nathaniel

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to