On Tue, Sep 22, 2015 at 08:55:53AM -0400, Nathaniel McCallum wrote:
> On Mon, 2015-09-21 at 16:49 -0600, Duncan McNaught wrote:
> > Dear freeipa-users,
> > 
> > I'm having an issue with otp in freeipa. I can set up the service as
> > described in the blog post for TOTP or HOTP, and sync the token fine.
> > When I try to login to the admin tools or an ipa-managed client
> > (with <password><token>) , I get a password incorrect message.
> > Here are some more details: https://github.com/adelton/docker-freeipa
> > /issues/34
> > Can anyone help me to debug/get this working?
> I'm very unclear as to what you are trying to do. Are you trying to
> run FreeIPA in a container? If so, Jan is probably your man. AFAIK,
> ipa-otpd will require systemd in the container.

Well, we have separate daemon listening on the
/var/run/krb5kdc/DEFAULT.socket in the container which should start
the ipa-otpd@.service when there's a connection made to it. But
somehow it does not seem to be happening even if I fix the parsing of
/etc/ipa/default.conf that ipa-otpd@.service is doing.

What is the simplest way to trigger the connection to
/var/run/krb5kdc/DEFAULT.socket, for debugging purposes?

I haven't even been able to sync the token properly, which Duncan says


was working for him.

Jan Pazdziora
Senior Principal Software Engineer, Identity Management Engineering, Red Hat

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to