Hello Nick, thanks for clarifying this, even though it was in the manual of how to setup LDAP! (RTFM...) Got it working now!
Best regards Benjamin > Nick Couchman <[email protected]> hat am 18. Februar 2019 um 16:59 geschrieben: > > On Mon, Feb 18, 2019 at 10:47 AM Benjamin Griese < [email protected] > mailto:[email protected] > wrote: > > > > Hello everybody, > > > > this is kind of a uplicate of a post made by someone on > > guacamole-issues ML[1]. > > > > I've setup a Guacamole system in my home environment for remote > > access. > > In order to make things secure, I thought I setup TOTP 2 factor > > authentication in conjunction with LDAP. > > > > I've found out the local guacadmin is successfully being asked for > > TOTP init. > > Even though LDAP users and even additional local users are not > > getting asked for TOTP init. > > > > I am using this docker-image in a kubernetes setup, if it does > > matter. > > https://github.com/oznu/docker-guacamole > > > > > > Is this a bug or a misconfigured setup? > > > > > > This is perhaps a nuance of the configuration and how it works. First, > you need the users to exist in the database authentication module, because > that's where the TOTP information gets stored. Second, the users in the DB > module need to be allowed to update their own passwords (basically update > their own account), as that's what determines whether or not the user can > store information about themselves. > > -Nick > > > > > > > > >
