Dave Macias wrote: > I too have been wondering about TOTP with openldap but always found it > hard to find documentation on it. Any chance to have this documented? > Dont see it in the site
Which of the three solutions / sites do you mean? Ciao, Michael. > On Wed, May 16, 2018 at 7:23 AM Peter <[email protected] > <mailto:[email protected]>> wrote: > > Hi Michael, > > Thanks for this summary, to which I can only add the english page of > the > Russian activity: > > http://cargosoft.ru/en/rm/118/119 > > Cheers, > > Peter > > > > Am 15.05.2018 um 19:06 schrieb Michael Ströder: > > Douglas Duckworth wrote: > >> Does OpenLDAP support use of one time passwords or 2FA for the > Manager > >> account? > > > > There are several solutions: > > > > 1. contrib/slapd-modules/passwd/totp/ > > A proof of concept overlay which AFAICS replaces checking a normal > > password by checking a generated TOTP value. So not really 2FA. > > > > 2. OATH HOTP LDAP Plugin by cargosoft.ru <http://cargosoft.ru> > > Sorry, I only found a Russian site: http://cargosoft.ru/ru/rm/113/115 > > I never checked this myself anyway and therefore can't comment. > > > > 3. OATH-LDAP > > Most flexible solution but hard to setup, especially since not fully > > documented yet. It's currently directly integrated into Æ-DIR but > > could be used stand-alone. Being the author I'm biased of course. > > > > Ciao, Michael.
