Hi Jose,

Please check your self service profile. On tab "Module settings" there is "OpenLDAP TOTP" where you can specify the DN with the DN of the TOTP parameters. This DN must contain oathHMACAlgorithm, oathOTPLength, oathTOTPTimeStepPeriod.


Best regards

Roland
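
An illustration of the parameters entry described in the reply above, added here as an example and not part of the original message or the LAM manual. The DN, the use of organizationalUnit as the structural class (assuming oathTOTPParams is an auxiliary class, as in the slapo-otp schema) and the values are assumptions. The DN of such an entry is what would go into the "OpenLDAP TOTP" module setting.

```ldif
# Constructed example: a dedicated entry holding the shared TOTP parameters.
# The DN and the values below are placeholders, not taken from the thread.
dn: ou=totp-params,dc=example,dc=com
objectClass: organizationalUnit
objectClass: oathTOTPParams
ou: totp-params
# Number of digits in each one-time password
oathOTPLength: 6
# OID of the HMAC algorithm; 1.2.840.113549.2.7 is HMAC-SHA1
oathHMACAlgorithm: 1.2.840.113549.2.7
# Lifetime of one code, in seconds
oathTOTPTimeStepPeriod: 30
```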


On 09.11.21 at 00:19, Gomez-Rubio, J L. via Lam-public wrote:
Howdy.

Stood up a test VM running CentOS 7 with Symas OpenLDAP 2.5 with LAM Pro 7.7.

Added the otp overlay and module in slapd.conf and did a slaptest -f 
slapd.conf. No errors.

I did a slapcat from the production OpenLDAP 2.4 server and did a slapadd on 
the test VM.

I was able to view the DIT using both the Manager and Bind User credentials 
using ldapsearch on the test VM.

Followed the steps in the LAM Manual to set up OTP by adding the TOTP module 
for users and the Self Service OpenLDAP TOTP steps.

Went to the Self Service page and logged in with my account and got the 
following error under the TOTP line:

“The OTP parameters could not be read.”

I’m guessing it’s because the original production DIT never had TOTP object 
class of oathTOTPParams for user accounts?

Jose



_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public


