Sorry, looks like i got a bit confused So, 2FA not just plain OTP. So password+OTP is what im looking for.
On Thu, May 17, 2018 at 10:52 AM Dave Macias <[email protected]> wrote: > Thank you for the reply Michael, > > This one in: > 3. OATH-LDAP > > But in general just want to test a way to add OTP to openldap, which ever > works > > -dave > > On Wed, May 16, 2018 at 9:25 AM Michael Ströder <[email protected]> > wrote: > >> Dave Macias wrote: >> > I too have been wondering about TOTP with openldap but always found it >> > hard to find documentation on it. Any chance to have this documented? >> > Dont see it in the site >> >> Which of the three solutions / sites do you mean? >> >> Ciao, Michael. >> >> > On Wed, May 16, 2018 at 7:23 AM Peter <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > Hi Michael, >> > >> > Thanks for this summary, to which I can only add the english page of >> > the >> > Russian activity: >> > >> > http://cargosoft.ru/en/rm/118/119 >> > >> > Cheers, >> > >> > Peter >> > >> > >> > >> > Am 15.05.2018 um 19:06 schrieb Michael Ströder: >> > > Douglas Duckworth wrote: >> > >> Does OpenLDAP support use of one time passwords or 2FA for the >> > Manager >> > >> account? >> > > >> > > There are several solutions: >> > > >> > > 1. contrib/slapd-modules/passwd/totp/ >> > > A proof of concept overlay which AFAICS replaces checking a normal >> > > password by checking a generated TOTP value. So not really 2FA. >> > > >> > > 2. OATH HOTP LDAP Plugin by cargosoft.ru <http://cargosoft.ru> >> > > Sorry, I only found a Russian site: >> http://cargosoft.ru/ru/rm/113/115 >> > > I never checked this myself anyway and therefore can't comment. >> > > >> > > 3. OATH-LDAP >> > > Most flexible solution but hard to setup, especially since not >> fully >> > > documented yet. It's currently directly integrated into Æ-DIR but >> > > could be used stand-alone. Being the author I'm biased of course. >> > > >> > > Ciao, Michael. >> >
