Re: [Lam-public] Setting up OpenLDAP TOTP error

2021-11-14 Thread Roland Gruber
Hi Jose, great that it works now! :) You can set up a write user the same way, e.g.: access to dn.subtree="dc=test,dc=lan" attrs=objectClass,oathSecret,oathTokenSerialNumber,oathTOTPToken,oathTOTPParams by dn.base="uid=bindrw,dc=test,dc=lan" write by * break See e.g.

Re: [Lam-public] Setting up OpenLDAP TOTP error

2021-11-13 Thread Gomez-Rubio, J L. via Lam-public
Hi Roland. Got it working with your suggestion and the Symas How-To Guide "Two-Factor Authentication". I was able to generate a QR code from the self-service portal and was able to do a 'ldapwhoami' on my account by entering the password followed by the OTP code. I have one issue, according to

Re: [Lam-public] Setting up OpenLDAP TOTP error

2021-11-10 Thread Roland Gruber
Hi Jose, please check your self service profile. On tab "Module settings" there is "OpenLDAP TOTP" where you can specify the DN with the DN of the TOTP parameters. This DN must contain oathHMACAlgorithm, oathOTPLength, oathTOTPTimeStepPeriod. Best regards Roland Am 09.11.21 um 00:19

[Lam-public] Setting up OpenLDAP TOTP error

2021-11-08 Thread Gomez-Rubio, J L. via Lam-public
Howdy. Stood up a test VM running CentOS 7 with Symas OpenLDAP 2.5 with LAM Pro 7.7. Added the otp overlay and module in slapd.conf and did a slaptest -f slapd.conf. No errors. I did a slapcat from the production OpenLDAP 2.4 server and did a slapadd on the test VM. I was able to view the