I understand that PASSWORD change can be performed via MSCHAPv2.
I could explain to you, why MSCHAPv2 does not work with OTP.
But we would have to dive into your setup a bit deeper. And I am not
willing to invest my time here to explain to you your Many-Bucks-Juniper
setup. Go and ask your Juniper support!!!
!!!
!
!!!
After all - you payed for that!
Besides - I also stressed the problem with MSChapv2 and OTP a lot on
different channels. So google might be your friend here.Am Montag, den 22.08.2016, 03:17 -0700 schrieb jmdeking:
Hi again Cornerlius,
I noticed this feature got released in 2.14-1trusty.
I enabled it and applied it to the only realm i got.
I set a pincode for a ldap user and when looking at the token it
says, next_pin_change: 22/08/16 11:55.
But when i log in to my netscaler using freeradius i do not get
prompted by a radius message to change the pin.
How come.
On Monday, June 20, 2016 at 10:31:48 AM UTC+2, Cornelius Kölbel wrote:
Hi Johan,
have you tried entering "do_what_i_mean"? ;-)
...sorry - could not resist this...
Kind regards
Cornelius
Am Montag, den 20.06.2016, 01:30 -0700 schrieb jmdeking:
> Now when enabling pinhandling and setting the value to "send
pin" i
> get the error Item in ``from list'' not a string
>
> On Monday, June 20, 2016 at 10:19:28 AM UTC+2, jmdeking wrote:
> Sorry but its not clear how this works exactly when
reading
> the document.
>
>
> I apply'd the otp_pin_random option and assigned a
token to a
> user without setting a pin. But the user doesnt
receive a
> email or anything so not sure how to know what the
random code
> is.
>
>
> Gr.
> Johan
>
> On Monday, June 20, 2016 at 10:09:22 AM UTC+2, Cornelius Kölbel wrote:
> The 2nd is already possible.
>
http://privacyidea.readthedocs.io/en/latest/policies/enrollment.html#otp-pin-random
>
>
> Am Montag, den 20.06.2016, 01:07 -0700 schrieb
> jmdeking:
> > Thanks Cornleius,
> >
> >
> > Looks good. Just to clarify my use case is
the
> following:
> >
> >
> > An administrator assigns a challenge
response token
> (email or sms)
> > with a pincode. But this pincode should
not be known
> to the
> > administrator cause its personal so in my
view one
> of the following 2
> > things can be done about this.
> >
> >
> > 1. My users log in to their citrix desktop
using
> Citrix Netscaler with
> > Radius request to the privacyidea server.
The
> privacyidea server
> > detects the 'initial' pincode is used and
asks for a
> challenge
> > response to change the pin to its own
value.
> > 2. When an administrator assigns an token
he can
> leave the pin field
> > empty for the system to generate a random
pin that
> is being send
> > automatically using the chosen token
method. (email
> of SMS)
> >
> >
> > You think this is possible?
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > On Sunday, June 19, 2016 at 11:02:16 AM UTC+2, Cornelius Kölbel wrote:
> > I added an issue
> >
>
https://github.com/privacyidea/privacyidea/issues/429
> >
> > Am Samstag, den 18.06.2016, 05:35
-0700
> schrieb jmdeking:
> > > Hi Cornelius,
> > >
> > >
> > > I want to suggest a feature
request, the
> software we use at
> > the moment
> > > (RSA) has the ability to assign
a token
> with an initial
> > pincode.
> > > After the user uses this pincode
for the
> first time to
> > > login/authenticatie to our
frontend he
> will be asked to
> > change this to
> > > his own value.
> > > This makes assigning tokens for
other
> people possible, can
> > you look
> > > into this?
> > >
> > >
> > > Thanks
> > > --
> > > Please read the blog post about
getting
> help
> > >
> https://www.privacyidea.org/getting-help/.
> > >
> > > For professional services and
consultancy
> regarding two
> > factor
> > > authentication please visit
> > >
>
https://netknights.it/en/leistungen/one-time-services/
> > >
> > > In an enterprise environment you
should
> get a SERVICE LEVEL
> > AGREEMENT
> > > which suites your needs for
SECURITY,
> AVAILABILITY and
> > LIABILITY:
> > >
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > > ---
> > > You received this message
because you are
> subscribed to the
> > Google
> > > Groups "privacyidea" group.
> > > To unsubscribe from this group
and stop
> receiving emails
> > from it, send
> > > an email to
> privacyidea...@googlegroups.com.
> > > To post to this group, send
email to
> > priva...@googlegroups.com.
> > > Visit this group at
> >
>
https://groups.google.com/group/privacyidea.
> > > To view this discussion on the
web visit
> > >
> >
>
https://groups.google.com/d/msgid/privacyidea/d5243197-6d8b-4f6e-8c2e-554ab48126cc%40googlegroups.com.
> > > For more options, visit
> https://groups.google.com/d/optout.
> >
> > --
> > Cornelius Kölbel
> > corneliu...@netknights.it
> > +49 151 2960 1417
> >
> > NetKnights GmbH
> > http://www.netknights.it
> > Landgraf-Karl-Str. 19, 34131
Kassel,
> Germany
> > Tel: +49 561 3166797, Fax: +49 561
3166798
> >
> > Amtsgericht Kassel, HRB 16405
> > Geschäftsführer: Cornelius Kölbel
> >
> >
> > --
> > Please read the blog post about getting
help
> >
https://www.privacyidea.org/getting-help/.
> >
> > For professional services and consultancy
regarding
> two factor
> > authentication please visit
> >
>
https://netknights.it/en/leistungen/one-time-services/
> >
> > In an enterprise environment you should
get a
> SERVICE LEVEL AGREEMENT
> > which suites your needs for SECURITY,
AVAILABILITY
> and LIABILITY:
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > ---
> > You received this message because you are
subscribed
> to the Google
> > Groups "privacyidea" group.
> > To unsubscribe from this group and stop
receiving
> emails from it, send
> > an email to
privacyidea...@googlegroups.com.
> > To post to this group, send email to
> priva...@googlegroups.com.
> > Visit this group at
>
https://groups.google.com/group/privacyidea.
> > To view this discussion on the web visit
> >
>
https://groups.google.com/d/msgid/privacyidea/449848c1-cec1-4ab7-93b6-5d6561ddcbdc%40googlegroups.com.
> > For more options, visit
> https://groups.google.com/d/optout.
>
> --
> Cornelius Kölbel
> corneliu...@netknights.it
> +49 151 2960 1417
>
> NetKnights GmbH
> http://www.netknights.it
> Landgraf-Karl-Str. 19, 34131 Kassel,
Germany
> Tel: +49 561 3166797, Fax: +49 561 3166798
>
> Amtsgericht Kassel, HRB 16405
> Geschäftsführer: Cornelius Kölbel
>
>
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two
factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL
AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and
LIABILITY:
>
https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the
Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails
from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> Visit this group at
https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/98e6cda2-398b-4fe2-9a5b-7ea55208049e%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.
For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/aaae7048-73c6-4cde-9c7d-5d5db74af67c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)