License of PrivacyIDEA

naruto89 · January 10, 2023, 3:31am

Hi all,

Now I have a project to deployed 2FA for VPN client to site which use Global Protect of PaloAlto with Radius authentications. After researching, I see PrivacyIDEA is bestchoice.
But I still have confuse about 2 things for Privacy IDEA edition opensource :

How many users I can apply token TOTP for ?
Are there any limitations on simultaneous connections ( Session Limit and/or limit concurrent user logins ) ?
→ I have checked in forum, it’s unlimited. That 's right ?

Besides, I want to ask about Privacy IDEA edition Enterprise.
-The difference with edition opensource ?
-The detail price Privacy IDEA edition Enterprise ? How to I can buy license ?

cornelinux · January 10, 2023, 5:27pm

Hello Naruto,

welcome to privacyIDEA.

unlimited.

no.

From a standpoint of code they are the same.
The commuity edition of the privacyIDEA server will nag you one day, that you have more than 50 users with tokens assigned.

A subscription file will stop this.

There are plugins (e.g. privacyIDEA Credential Provider), that require the enterprise edition (see
GitHub - privacyidea/privacyidea: 🔐 multi factor authentication system (2FA, MFA, OTP Server))

The main point of the enterprise edition is
a) proffessional support and services
b) liability
c) stable packaging for ubuntu and RHEL
d) notifications about updates and bugs
e) …

Regards
Cornelius

naruto89 · January 11, 2023, 4:07am

Thanks @cornelinux very much.
I want to ask more about upgrade 2fa system of PI from free edition to enterprise edition :

We will need only add file subscription in WebUI : Components -Subscriptions - Upload Subscription File ?
And does this job affect to 2fa system which running ?

cornelinux · January 11, 2023, 5:03pm

Usually this is:

upload subscription file
change the from the community repo to the enterprise repo

no need to change the running code.

naruto89 · January 13, 2023, 2:08am

Thanks @cornelinux.
I have finished deploying 2fa Privacy IDEA for VPN.
Now I am registering the token for users.
I want to ask how to registering the token for many user faster instead of registering the token one by one ?
Example : permit to add file excel which have all user information to Privacy IDEA and auto send qr code to email of users ?

naruto89 · January 16, 2023, 5:09am

Can you clear for me : “change the from the community repo to the enterprise repo” ?
Because we running 2fa system for production, i don’t want 2fa system is disconnect when have change.
Thanks.

cornelinux · January 17, 2023, 5:02pm

It is simply changing the apt respository and editing a file in /etc/apt/sources… which will only take effect when you run an update.

clemens.bergmann · January 31, 2023, 5:56pm

Hi, in [1] you say

you can get a subscription from the company NetKnights or if you have a very good understanding of this Open Source code, you could create a subscription on your own.

do I understand it correctly that you are fine with me creating my own subscription file without having a customer relationship with NetKnights?

[1] GitHub - privacyidea/privacyidea: 🔐 multi factor authentication system (2FA, MFA, OTP Server)

naruto89 · February 1, 2023, 9:21am

As you mention, I will only need change the urls in file sources.list ?

cornelinux · February 1, 2023, 4:28pm

Yes,
(123456789012345)

cornelinux · February 1, 2023, 4:29pm

Well I am not sure if I would be fine.
But this is legally possible