A bug und some ideas for privacyIDEA

Hi,
I just installed privacyIDEA 2.7. It is really nice. I just found some
glitches.

  • How is it possible to define the scope of the LDAP searches?
  • It would be nice to make the display PIN and OTP during 'Test Token’
    optional.
  • It would be nice to set the default token type in some of the config
    options.
  • It would be nice to set the Token Infos (validity…) during token
    enrollment.

I also found a small bug. If you edit the ‘Validity End’ of a pw token,
e.g. lostTOTP, then the date decremented by one. If you set "Validity End"
to “18/10/15” the value “validity_period_end:” 17/10/15 22:00.

Kind Regards,

Jürgen

Hello Jürgen,

juergen.f.koller@gmail.com:

Hi,
I just installed privacyIDEA 2.7. It is really nice. I just found some
glitches.

thanks for this general and positive feedback!

  * How is it possible to define the scope of the LDAP searches?

Admitted: The scope is always “SUB”. Thus it will always look for users
within the specified BaseDN and underneath.

  * It would be nice to make the display PIN and OTP during 'Test
    Token' optional.

OK. Sounds sensible.

  * It would be nice to set the default token type in some of the
    config options.

You mean the default token type for “enroll token” in the UI?

  * It would be nice to set the Token Infos (validity...) during
    token enrollment.

Phew. You are one of the few who probably use the validity period :wink:
So setting it during enrollment is a real request.
I think there could be a checkbox, button or accordion, that can open
some details.

Setting the validity period during the API enrollment call is not
possible.
So probably we would have to improve the API, too.

I also found a small bug. If you edit the ‘Validity End’ of a pw
token, e.g. lostTOTP, then the date decremented by one. If you set
“Validity End” to “18/10/15” the value “validity_period_end:”
17/10/15 22:00.

Strange. Thanks a lot!

I will file some issues at github, later.
If you have the possibility to do so, you are welcome to file your
findings including my comments.

Kind regards
CorneliusAm Donnerstag, den 15.10.2015, 03:07 -0700 schrieb

Kind Regards,

Jürgen

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/ab2413df-e1f5-4557-8555-ef16572b1400%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Sorry for being so late.Am Donnerstag, 15. Oktober 2015 12:16:27 UTC+2 schrieb Cornelinux K:

Am Donnerstag, den 15.10.2015, 03:07 -0700 schrieb
juergen....@gmail.com <javascript:>:

  * How is it possible to define the scope of the LDAP searches? 

Admitted: The scope is always “SUB”. Thus it will always look for users
within the specified BaseDN and underneath.

  * It would be nice to make the display PIN and OTP during 'Test 
    Token' optional. 

OK. Sounds sensible.

  * It would be nice to set the default token type in some of the 
    config options. 

You mean the default token type for “enroll token” in the UI?

  * It would be nice to set the Token Infos (validity...) during 
    token enrollment. 

Phew. You are one of the few who probably use the validity period :wink:
So setting it during enrollment is a real request.
I think there could be a checkbox, button or accordion, that can open
some details.

Setting the validity period during the API enrollment call is not
possible.
So probably we would have to improve the API, too.

I also found a small bug. If you edit the ‘Validity End’ of a pw
token, e.g. lostTOTP, then the date decremented by one. If you set
"Validity End" to “18/10/15” the value "validity_period_end:"
17/10/15 22:00.

Strange. Thanks a lot!

I will file some issues at github, later.
If you have the possibility to do so, you are welcome to file your
findings including my comments.

Should I get an account on github for you? :slight_smile: If this would be much easier
for you, then I will get one.

To add just one more bug:
ich you set a policy with scoe user, then under “Users” there is an error
:“User actions are defined, but this action is not allowed!”. Perhaps I
only missed a button in the policy.

Jürgen

juergen.f.koller@gmail.com:

Hi,
I just installed privacyIDEA 2.7. It is really nice. I just found some
glitches.

  * How is it possible to define the scope of the LDAP searches?

done:

  * It would be nice to make the display PIN and OTP during 'Test
    Token' optional.

done:
https://github.com/privacyidea/privacyidea/issues/236Am Donnerstag, den 15.10.2015, 03:07 -0700 schrieb

  * It would be nice to set the default token type in some of the
    config options.
  * It would be nice to set the Token Infos (validity...) during
    token enrollment.

I also found a small bug. If you edit the ‘Validity End’ of a pw
token, e.g. lostTOTP, then the date decremented by one. If you set
“Validity End” to “18/10/15” the value “validity_period_end:”
17/10/15 22:00.

Kind Regards,

Jürgen

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/ab2413df-e1f5-4557-8555-ef16572b1400%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)