PiP or package for mission critical useage?

Hey guys,

I’m a Debian guy and want to run the software with the latest Debian 8. The
documentation tells me to use the Ubuntu packages, but I’m a bit afraid it
this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the 16.4.

So what is the best way for a mission critical use with some LTS type? Use
of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8 package?
I don’t like CentOS, so this is not a real alternative for me.

Thanks!
Michael

Forget it, found the function in the user table UI, works perfectly, also
with the freeradius plugin.
Now it’s time for the CA. :)2016-06-06 13:37 GMT+02:00 Michael Muenz <@Michael_Muenz>:

Thanks, really appreciate your help! :slight_smile:
I’ll set up a local CA, shouldn’t be an issue.

I there also a link to check the token vadility via curl?

Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:

Hi Michael,

in case of CA take a look here:

http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html

privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.

The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.

Kind regards
Cornelius

Am Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:

Sadly … yes :slight_smile:

Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.

Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))

Michael

Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team? :wink:

    Of course you will not run it with py-mange the same way you
    will not
    run linotp with the crappy old paster!

    You will not need an init script, since it runs as a web
    service.

    Read

http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html

    and here you will see the real killer feature, i.e.
    you can run several independent instances of privacyIDEA on
    one machine!

    Kind regards
    Cornelius


    Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:
    > I checked the PIP stuff, but is this really usable for
    productive
    > usage?
    > This seems to me like a virtual testing environment.
    >
    >
    > Is there a init.script or will I have to start it always
    via
    > py-manage?
    >
    >
    > When I think about a support team and teach it how stuff
    works, they
    > will kill me when they see a new thing like this :)
    >
    >
    >
    >
    > Michael
    >
    > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius
    Kölbel:
    >         Hi Michael,
    >
    >         I think there are also some other interesting
    things, besides
    >         the
    >         mordern UI and the redesigned REST API like
    >
    >         * assign tokens to machines
    >         * offline OTP
    >         * radius migration
    >         * event handler
    >         to name a few...
    >
    >         Nevertheless, I am curious for your feedback.
    >
    >         Kind regards
    >         Cornelius
    >
    >         Am Montag, den 06.06.2016, 01:20 -0700 schrieb
    Michael Muenz:
    >         > Cornelius,
    >         >
    >         >
    >         > Thanks for your fast reply! Until now I'm very
    familiar with
    >         LinOTP
    >         > and it works pretty good with Debian 8, but your
    new feature
    >         to manage
    >         > certificates could be a killer (for LinOTP).
    >         > I'll have a look at PIP and try to migrate some
    accounts for
    >         testing.
    >         >
    >         >
    >         > Keep up with the good work!
    >         >
    >         >
    >         > Michael
    >         >
    >         > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
    >         >         Hello Michael,
    >         >
    >         >         I would recommend using pip with a
    virtual
    >         environment.
    >         >         Honestly I am also thinking about
    switching packages
    >         to
    >         >         virtual
    >         >         environments. PIP installations are also
    supported
    >         by the
    >         >         enterprise
    >         >         SLAs. So you can be sure, that this is no
    dead end.
    >         >
    >         >         The 14.04 packages have dependencies to
    python
    >         modules. The
    >         >         privacyidea
    >         >         modules reside in the systems module
    path.
    >         >         Dependent modules are also taken from the
    system.
    >         Which is
    >         >         sometimes
    >         >         difficult, due to version differences!
    >         >         And with 16.04 there is also a naming
    conflict in
    >         dependent
    >         >         modules.
    >         >
    >         >         So I am in fact thinking about having the
    packages
    >         >         (deb-packages)
    >         >         containing self contained python virtual
    envs.
    >         >         The debian package and the RPM packages
    already work
    >         this
    >         >         way...
    >         >
    >         >         So when updating your system with apt-get
    the pip
    >         installed
    >         >         self
    >         >         contained privacyidea virtualenv will also
    be
    >         updated.
    >         >
    >         >         Kind regards
    >         >         Cornelius
    >         >
    >         >
    >         >         Am Montag, den 06.06.2016, 00:43 -0700 schrieb
    >         Michael Muenz:
    >         >         > Hey guys,
    >         >         >
    >         >         >
    >         >         > I'm a Debian guy and want to run the
    software with
    >         the
    >         >         latest Debian
    >         >         > 8. The documentation tells me to use the
    Ubuntu
    >         packages,
    >         >         but I'm a
    >         >         > bit afraid it this is a long term
    solution?
    >         >         > Also the packages are only available fot
    Ubuntu
    >         LTS 14.4,
    >         >         not the
    >         >         > 16.4.
    >         >         >
    >         >         >
    >         >         > So what is the best way for a mission
    critical use
    >         with some
    >         >         LTS type?
    >         >         > Use of PiP? Use old LTS? Use Debian 7
    and wait for
    >         a stable
    >         >         Debian 8
    >         >         > package?
    >         >         > I don't like CentOS, so this is not a
    real
    >         alternative for
    >         >         me.
    >         >         >
    >         >         >
    >         >         > Thanks!
    >         >         > Michael
    >         >         > --
    >         >         > Please read the blog post about getting
    help
    >         >         >
    https://www.privacyidea.org/getting-help/.
    >         >         >
    >         >         > For professional services and
    consultancy
    >         regarding two
    >         >         factor
    >         >         > authentication please visit
    >         >         >
    >
    https://netknights.it/en/leistungen/one-time-services/
    >         >         >
    >         >         > In an enterprise environment you should
    get a
    >         SERVICE LEVEL
    >         >         AGREEMENT
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY
    >         and
    >         >         LIABILITY:
    >         >         >
    >         >
    >
    https://netknights.it/en/leistungen/service-level-agreements/
    >         >         > ---
    >         >         > You received this message because you
    are
    >         subscribed to the
    >         >         Google
    >         >         > Groups "privacyidea" group.
    >         >         > To unsubscribe from this group and stop
    receiving
    >         emails
    >         >         from it, send
    >         >         > an email to
    privacyidea...@googlegroups.com.
    >         >         > To post to this group, send email to
    >         >         priva...@googlegroups.com.
    >         >         > Visit this group at
    >         >
    https://groups.google.com/group/privacyidea.
    >         >         > To view this discussion on the web
    visit
    >         >         >
    >         >
    >

https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.

    >         >         > For more options, visit
    >         https://groups.google.com/d/optout.
    >         >
    >         >         --
    >         >         Cornelius Kölbel
    >         >         corneliu...@netknights.it
    >         >         +49 151 2960 1417
    >         >
    >         >         NetKnights GmbH
    >         >         http://www.netknights.it
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798
    >         >
    >         >         Amtsgericht Kassel, HRB 16405
    >         >         Geschäftsführer: Cornelius Kölbel
    >         >
    >         >
    >         > --
    >         > Please read the blog post about getting help
    >         > https://www.privacyidea.org/getting-help/.
    >         >
    >         > For professional services and consultancy
    regarding two
    >         factor
    >         > authentication please visit
    >         >
    https://netknights.it/en/leistungen/one-time-services/
    >         >
    >         > In an enterprise environment you should get a
    SERVICE LEVEL
    >         AGREEMENT
    >         > which suites your needs for SECURITY, AVAILABILITY
    and
    >         LIABILITY:
    >         >
    >
    https://netknights.it/en/leistungen/service-level-agreements/
    >         > ---
    >         > You received this message because you are
    subscribed to the
    >         Google
    >         > Groups "privacyidea" group.
    >         > To unsubscribe from this group and stop receiving
    emails
    >         from it, send
    >         > an email to privacyidea...@googlegroups.com.
    >         > To post to this group, send email to
    >         priva...@googlegroups.com.
    >         > Visit this group at
    >         https://groups.google.com/group/privacyidea.
    >         > To view this discussion on the web visit
    >         >
    >

https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.

    >         > For more options, visit
    https://groups.google.com/d/optout.
    >
    >         --
    >         Cornelius Kölbel
    >         corneliu...@netknights.it
    >         +49 151 2960 1417
    >
    >         NetKnights GmbH
    >         http://www.netknights.it
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany
    >         Tel: +49 561 3166797, Fax: +49 561 3166798
    >
    >         Amtsgericht Kassel, HRB 16405
    >         Geschäftsführer: Cornelius Kölbel
    >
    >
    > --
    > Please read the blog post about getting help
    > https://www.privacyidea.org/getting-help/.
    >
    > For professional services and consultancy regarding two
    factor
    > authentication please visit
    > https://netknights.it/en/leistungen/one-time-services/
    >
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY:
    >
    https://netknights.it/en/leistungen/service-level-agreements/
    > ---
    > You received this message because you are subscribed to the
    Google
    > Groups "privacyidea" group.
    > To unsubscribe from this group and stop receiving emails
    from it, send
    > an email to privacyidea...@googlegroups.com.
    > To post to this group, send email to
    priva...@googlegroups.com.
    > Visit this group at
    https://groups.google.com/group/privacyidea.
    > To view this discussion on the web visit
    >

https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout.

    --
    Cornelius Kölbel
    corneliu...@netknights.it
    +49 151 2960 1417

    NetKnights GmbH
    http://www.netknights.it
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany
    Tel: +49 561 3166797, Fax: +49 561 3166798

    Amtsgericht Kassel, HRB 16405
    Geschäftsführer: Cornelius Kölbel


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to a topic in the
Google Groups “privacyidea” group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/privacyidea/f9ueFECvKG8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com?utm_medium=email&utm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

Hi Michael,

I think there are also some other interesting things, besides the
mordern UI and the redesigned REST API like

  • assign tokens to machines
  • offline OTP
  • radius migration
  • event handler
    to name a few…

Nevertheless, I am curious for your feedback.

Kind regards
CorneliusAm Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz:

Cornelius,

Thanks for your fast reply! Until now I’m very familiar with LinOTP
and it works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.

Keep up with the good work!

Michael

On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
Hello Michael,

    I would recommend using pip with a virtual environment. 
    Honestly I am also thinking about switching packages to
    virtual 
    environments. PIP installations are also supported by the
    enterprise 
    SLAs. So you can be sure, that this is no dead end. 
    
    The 14.04 packages have dependencies to python modules. The
    privacyidea 
    modules reside in the systems module path. 
    Dependent modules are also taken from the system. Which is
    sometimes 
    difficult, due to version differences! 
    And with 16.04 there is also a naming conflict in dependent
    modules. 
    
    So I am in fact thinking about having the packages
    (deb-packages) 
    containing self contained python virtual envs. 
    The debian package and the RPM packages already work this
    way... 
    
    So when updating your system with apt-get the pip installed
    self 
    contained privacyidea virtualenv will also be updated. 
    
    Kind regards 
    Cornelius 
    
    
    Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: 
    > Hey guys, 
    > 
    > 
    > I'm a Debian guy and want to run the software with the
    latest Debian 
    > 8. The documentation tells me to use the Ubuntu packages,
    but I'm a 
    > bit afraid it this is a long term solution? 
    > Also the packages are only available fot Ubuntu LTS 14.4,
    not the 
    > 16.4. 
    > 
    > 
    > So what is the best way for a mission critical use with some
    LTS type? 
    > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable
    Debian 8 
    > package? 
    > I don't like CentOS, so this is not a real alternative for
    me. 
    > 
    > 
    > Thanks! 
    > Michael 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi Michael,

in case of CA take a look here:
http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html

privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.

The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.

Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:

Sadly … yes :slight_smile:

Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.

Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))

Michael

Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team? :wink:

    Of course you will not run it with py-mange the same way you
    will not 
    run linotp with the crappy old paster! 
    
    You will not need an init script, since it runs as a web
    service. 
    
    Read 
    http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html 
    and here you will see the real killer feature, i.e. 
    you can run several independent instances of privacyIDEA on
    one machine! 
    
    Kind regards 
    Cornelius 
    
    
    Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: 
    > I checked the PIP stuff, but is this really usable for
    productive 
    > usage? 
    > This seems to me like a virtual testing environment. 
    > 
    > 
    > Is there a init.script or will I have to start it always
    via 
    > py-manage? 
    > 
    > 
    > When I think about a support team and teach it how stuff
    works, they 
    > will kill me when they see a new thing like this :) 
    > 
    > 
    > 
    > 
    > Michael 
    > 
    > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius
    Kölbel: 
    >         Hi Michael, 
    >         
    >         I think there are also some other interesting
    things, besides 
    >         the 
    >         mordern UI and the redesigned REST API like 
    >         
    >         * assign tokens to machines 
    >         * offline OTP 
    >         * radius migration 
    >         * event handler 
    >         to name a few... 
    >         
    >         Nevertheless, I am curious for your feedback. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Montag, den 06.06.2016, 01:20 -0700 schrieb
    Michael Muenz: 
    >         > Cornelius, 
    >         > 
    >         > 
    >         > Thanks for your fast reply! Until now I'm very
    familiar with 
    >         LinOTP 
    >         > and it works pretty good with Debian 8, but your
    new feature 
    >         to manage 
    >         > certificates could be a killer (for LinOTP). 
    >         > I'll have a look at PIP and try to migrate some
    accounts for 
    >         testing. 
    >         > 
    >         > 
    >         > Keep up with the good work! 
    >         > 
    >         > 
    >         > Michael 
    >         > 
    >         > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius  Kölbel wrote: 
    >         >         Hello Michael, 
    >         >         
    >         >         I would recommend using pip with a
    virtual 
    >         environment. 
    >         >         Honestly I am also thinking about
    switching packages 
    >         to 
    >         >         virtual 
    >         >         environments. PIP installations are also
    supported 
    >         by the 
    >         >         enterprise 
    >         >         SLAs. So you can be sure, that this is no
    dead end. 
    >         >         
    >         >         The 14.04 packages have dependencies to
    python 
    >         modules. The 
    >         >         privacyidea 
    >         >         modules reside in the systems module
    path. 
    >         >         Dependent modules are also taken from the
    system. 
    >         Which is 
    >         >         sometimes 
    >         >         difficult, due to version differences! 
    >         >         And with 16.04 there is also a naming
    conflict in 
    >         dependent 
    >         >         modules. 
    >         >         
    >         >         So I am in fact thinking about having the
    packages 
    >         >         (deb-packages) 
    >         >         containing self contained python virtual
    envs. 
    >         >         The debian package and the RPM packages
    already work 
    >         this 
    >         >         way... 
    >         >         
    >         >         So when updating your system with apt-get
    the pip 
    >         installed 
    >         >         self 
    >         >         contained privacyidea virtualenv will also
    be 
    >         updated. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         
    >         >         Am Montag, den 06.06.2016, 00:43 -0700 schrieb 
    >         Michael Muenz: 
    >         >         > Hey guys, 
    >         >         > 
    >         >         > 
    >         >         > I'm a Debian guy and want to run the
    software with 
    >         the 
    >         >         latest Debian 
    >         >         > 8. The documentation tells me to use the
    Ubuntu 
    >         packages, 
    >         >         but I'm a 
    >         >         > bit afraid it this is a long term
    solution? 
    >         >         > Also the packages are only available fot
    Ubuntu 
    >         LTS 14.4, 
    >         >         not the 
    >         >         > 16.4. 
    >         >         > 
    >         >         > 
    >         >         > So what is the best way for a mission
    critical use 
    >         with some 
    >         >         LTS type? 
    >         >         > Use of PiP? Use old LTS? Use Debian 7
    and wait for 
    >         a stable 
    >         >         Debian 8 
    >         >         > package? 
    >         >         > I don't like CentOS, so this is not a
    real 
    >         alternative for 
    >         >         me. 
    >         >         > 
    >         >         > 
    >         >         > Thanks! 
    >         >         > Michael 
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hello Michael,

I would recommend using pip with a virtual environment.
Honestly I am also thinking about switching packages to virtual
environments. PIP installations are also supported by the enterprise
SLAs. So you can be sure, that this is no dead end.

The 14.04 packages have dependencies to python modules. The privacyidea
modules reside in the systems module path.
Dependent modules are also taken from the system. Which is sometimes
difficult, due to version differences!
And with 16.04 there is also a naming conflict in dependent modules.

So I am in fact thinking about having the packages (deb-packages)
containing self contained python virtual envs.
The debian package and the RPM packages already work this way…

So when updating your system with apt-get the pip installed self
contained privacyidea virtualenv will also be updated.

Kind regards
CorneliusAm Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz:

Hey guys,

I’m a Debian guy and want to run the software with the latest Debian
8. The documentation tells me to use the Ubuntu packages, but I’m a
bit afraid it this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the
16.4.

So what is the best way for a mission critical use with some LTS type?
Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8
package?
I don’t like CentOS, so this is not a real alternative for me.

Thanks!
Michael

Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Full code documentation
http://privacyidea.readthedocs.io/en/latest/modules/index.html

And REST validate API
http://privacyidea.readthedocs.io/en/latest/modules/api/validate.htmlAm Montag, den 06.06.2016, 04:37 -0700 schrieb Michael Muenz:

Thanks, really appreciate your help! :slight_smile:
I’ll set up a local CA, shouldn’t be an issue.

I there also a link to check the token vadility via curl?

Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,

    in case of CA take a look here: 
    http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html 
    
    privacyIDEA comes with a basic local CA connector, which is
    calling a 
    local openssl configuration. The CA connector concept is the
    idea of 
    allowing different kind of CA. If someone wants to dive into
    RPC you 
    could also connect to a microsoft CA. 
    
    The CA functionality for local CA was improved in the latest
    version, 
    but still - as the trust of the CA does not come from
    privacyIDEA itself 
    but from the underlying CA - you need to do some setup in
    openssl. 
    
    Kind regards 
    Cornelius 
    
    Am Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz: 
    > Sadly ... yes :) 
    > 
    > 
    > Ok, I've installed the Trusty packages with Jessie so
    collect some 
    > ideas of how all things work. 
    > 
    > 
    > Now I have a fresh setup and was able to import some users
    from ldap. 
    > Will try to import some Safenet and Feitian tokens and test
    the 
    > WebCA :)) 
    > 
    > 
    > Michael 
    > 
    > Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius
    Kölbel: 
    >         Do you have such a poor standing at the support
    team? ;-) 
    >         
    >         Of course you will not run it with py-mange the same
    way you 
    >         will not 
    >         run linotp with the crappy old paster! 
    >         
    >         You will not need an init script, since it runs as a
    web 
    >         service. 
    >         
    >         Read 
    >
    http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html 
    >         and here you will see the real killer feature, i.e. 
    >         you can run several independent instances of
    privacyIDEA on 
    >         one machine! 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         
    >         Am Montag, den 06.06.2016, 02:15 -0700 schrieb
    Michael Muenz: 
    >         > I checked the PIP stuff, but is this really usable
    for 
    >         productive 
    >         > usage? 
    >         > This seems to me like a virtual testing
    environment. 
    >         > 
    >         > 
    >         > Is there a init.script or will I have to start it
    always 
    >         via 
    >         > py-manage? 
    >         > 
    >         > 
    >         > When I think about a support team and teach it how
    stuff 
    >         works, they 
    >         > will kill me when they see a new thing like
    this :) 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > Michael 
    >         > 
    >         > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb
    Cornelius 
    >         Kölbel: 
    >         >         Hi Michael, 
    >         >         
    >         >         I think there are also some other
    interesting 
    >         things, besides 
    >         >         the 
    >         >         mordern UI and the redesigned REST API
    like 
    >         >         
    >         >         * assign tokens to machines 
    >         >         * offline OTP 
    >         >         * radius migration 
    >         >         * event handler 
    >         >         to name a few... 
    >         >         
    >         >         Nevertheless, I am curious for your
    feedback. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Montag, den 06.06.2016, 01:20 -0700 schrieb 
    >         Michael Muenz: 
    >         >         > Cornelius, 
    >         >         > 
    >         >         > 
    >         >         > Thanks for your fast reply! Until now
    I'm very 
    >         familiar with 
    >         >         LinOTP 
    >         >         > and it works pretty good with Debian 8,
    but your 
    >         new feature 
    >         >         to manage 
    >         >         > certificates could be a killer (for
    LinOTP). 
    >         >         > I'll have a look at PIP and try to
    migrate some 
    >         accounts for 
    >         >         testing. 
    >         >         > 
    >         >         > 
    >         >         > Keep up with the good work! 
    >         >         > 
    >         >         > 
    >         >         > Michael 
    >         >         > 
    >         >         > On Monday, June 6, 2016 at 10:05:11 AM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Hello Michael, 
    >         >         >         
    >         >         >         I would recommend using pip with
    a 
    >         virtual 
    >         >         environment. 
    >         >         >         Honestly I am also thinking
    about 
    >         switching packages 
    >         >         to 
    >         >         >         virtual 
    >         >         >         environments. PIP installations
    are also 
    >         supported 
    >         >         by the 
    >         >         >         enterprise 
    >         >         >         SLAs. So you can be sure, that
    this is no 
    >         dead end. 
    >         >         >         
    >         >         >         The 14.04 packages have
    dependencies to 
    >         python 
    >         >         modules. The 
    >         >         >         privacyidea 
    >         >         >         modules reside in the systems
    module 
    >         path. 
    >         >         >         Dependent modules are also taken
    from the 
    >         system. 
    >         >         Which is 
    >         >         >         sometimes 
    >         >         >         difficult, due to version
    differences! 
    >         >         >         And with 16.04 there is also a
    naming 
    >         conflict in 
    >         >         dependent 
    >         >         >         modules. 
    >         >         >         
    >         >         >         So I am in fact thinking about
    having the 
    >         packages 
    >         >         >         (deb-packages) 
    >         >         >         containing self contained python
    virtual 
    >         envs. 
    >         >         >         The debian package and the RPM
    packages 
    >         already work 
    >         >         this 
    >         >         >         way... 
    >         >         >         
    >         >         >         So when updating your system
    with apt-get 
    >         the pip 
    >         >         installed 
    >         >         >         self 
    >         >         >         contained privacyidea virtualenv
    will also 
    >         be 
    >         >         updated. 
    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         
    >         >         >         Am Montag, den 06.06.2016, 00:43 0700  schrieb 
    >         >         Michael Muenz: 
    >         >         >         > Hey guys, 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > I'm a Debian guy and want to
    run the 
    >         software with 
    >         >         the 
    >         >         >         latest Debian 
    >         >         >         > 8. The documentation tells me
    to use the 
    >         Ubuntu 
    >         >         packages, 
    >         >         >         but I'm a 
    >         >         >         > bit afraid it this is a long
    term 
    >         solution? 
    >         >         >         > Also the packages are only
    available fot 
    >         Ubuntu 
    >         >         LTS 14.4, 
    >         >         >         not the 
    >         >         >         > 16.4. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > So what is the best way for a
    mission 
    >         critical use 
    >         >         with some 
    >         >         >         LTS type? 
    >         >         >         > Use of PiP? Use old LTS? Use
    Debian 7 
    >         and wait for 
    >         >         a stable 
    >         >         >         Debian 8 
    >         >         >         > package? 
    >         >         >         > I don't like CentOS, so this
    is not a 
    >         real 
    >         >         alternative for 
    >         >         >         me. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Thanks! 
    >         >         >         > Michael 
    >         >         >         > -- 
    >         >         >         > Please read the blog post
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Thanks, really appreciate your help! :slight_smile:
I’ll set up a local CA, shouldn’t be an issue.

I there also a link to check the token vadility via curl?Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:

Hi Michael,

in case of CA take a look here:
http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html

privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.

The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.

Kind regards
Cornelius

Am Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:

Sadly … yes :slight_smile:

Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.

Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))

Michael

Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team? :wink:

    Of course you will not run it with py-mange the same way you 
    will not 
    run linotp with the crappy old paster! 
    
    You will not need an init script, since it runs as a web 
    service. 
    
    Read 

http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html

    and here you will see the real killer feature, i.e. 
    you can run several independent instances of privacyIDEA on 
    one machine! 
    
    Kind regards 
    Cornelius 
    
    
    Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: 
    > I checked the PIP stuff, but is this really usable for 
    productive 
    > usage? 
    > This seems to me like a virtual testing environment. 
    > 
    > 
    > Is there a init.script or will I have to start it always 
    via 
    > py-manage? 
    > 
    > 
    > When I think about a support team and teach it how stuff 
    works, they 
    > will kill me when they see a new thing like this :) 
    > 
    > 
    > 
    > 
    > Michael 
    > 
    > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius 
    Kölbel: 
    >         Hi Michael, 
    >         
    >         I think there are also some other interesting 
    things, besides 
    >         the 
    >         mordern UI and the redesigned REST API like 
    >         
    >         * assign tokens to machines 
    >         * offline OTP 
    >         * radius migration 
    >         * event handler 
    >         to name a few... 
    >         
    >         Nevertheless, I am curious for your feedback. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Montag, den 06.06.2016, 01:20 -0700 schrieb 
    Michael Muenz: 
    >         > Cornelius, 
    >         > 
    >         > 
    >         > Thanks for your fast reply! Until now I'm very 
    familiar with 
    >         LinOTP 
    >         > and it works pretty good with Debian 8, but your 
    new feature 
    >         to manage 
    >         > certificates could be a killer (for LinOTP). 
    >         > I'll have a look at PIP and try to migrate some 
    accounts for 
    >         testing. 
    >         > 
    >         > 
    >         > Keep up with the good work! 
    >         > 
    >         > 
    >         > Michael 
    >         > 
    >         > On Monday, June 6, 2016 at 10:05:11 AM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         Hello Michael, 
    >         >         
    >         >         I would recommend using pip with a 
    virtual 
    >         environment. 
    >         >         Honestly I am also thinking about 
    switching packages 
    >         to 
    >         >         virtual 
    >         >         environments. PIP installations are also 
    supported 
    >         by the 
    >         >         enterprise 
    >         >         SLAs. So you can be sure, that this is no 
    dead end. 
    >         >         
    >         >         The 14.04 packages have dependencies to 
    python 
    >         modules. The 
    >         >         privacyidea 
    >         >         modules reside in the systems module 
    path. 
    >         >         Dependent modules are also taken from the 
    system. 
    >         Which is 
    >         >         sometimes 
    >         >         difficult, due to version differences! 
    >         >         And with 16.04 there is also a naming 
    conflict in 
    >         dependent 
    >         >         modules. 
    >         >         
    >         >         So I am in fact thinking about having the 
    packages 
    >         >         (deb-packages) 
    >         >         containing self contained python virtual 
    envs. 
    >         >         The debian package and the RPM packages 
    already work 
    >         this 
    >         >         way... 
    >         >         
    >         >         So when updating your system with apt-get 
    the pip 
    >         installed 
    >         >         self 
    >         >         contained privacyidea virtualenv will also 
    be 
    >         updated. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         
    >         >         Am Montag, den 06.06.2016, 00:43 -0700  schrieb 
    >         Michael Muenz: 
    >         >         > Hey guys, 
    >         >         > 
    >         >         > 
    >         >         > I'm a Debian guy and want to run the 
    software with 
    >         the 
    >         >         latest Debian 
    >         >         > 8. The documentation tells me to use the 
    Ubuntu 
    >         packages, 
    >         >         but I'm a 
    >         >         > bit afraid it this is a long term 
    solution? 
    >         >         > Also the packages are only available fot 
    Ubuntu 
    >         LTS 14.4, 
    >         >         not the 
    >         >         > 16.4. 
    >         >         > 
    >         >         > 
    >         >         > So what is the best way for a mission 
    critical use 
    >         with some 
    >         >         LTS type? 
    >         >         > Use of PiP? Use old LTS? Use Debian 7 
    and wait for 
    >         a stable 
    >         >         Debian 8 
    >         >         > package? 
    >         >         > I don't like CentOS, so this is not a 
    real 
    >         alternative for 
    >         >         me. 
    >         >         > 
    >         >         > 
    >         >         > Thanks! 
    >         >         > Michael 
    >         >         > -- 
    >         >         > Please read the blog post about getting 
    help 
    >         >         > 
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and 
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should 
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY, 
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         > 
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Do you have such a poor standing at the support team? :wink:

Of course you will not run it with py-mange the same way you will not
run linotp with the crappy old paster!

You will not need an init script, since it runs as a web service.

Read
http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on one machine!

Kind regards
CorneliusAm Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:

I checked the PIP stuff, but is this really usable for productive
usage?
This seems to me like a virtual testing environment.

Is there a init.script or will I have to start it always via
py-manage?

When I think about a support team and teach it how stuff works, they
will kill me when they see a new thing like this :slight_smile:

Michael

Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,

    I think there are also some other interesting things, besides
    the 
    mordern UI and the redesigned REST API like 
    
    * assign tokens to machines 
    * offline OTP 
    * radius migration 
    * event handler 
    to name a few... 
    
    Nevertheless, I am curious for your feedback. 
    
    Kind regards 
    Cornelius 
    
    Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: 
    > Cornelius, 
    > 
    > 
    > Thanks for your fast reply! Until now I'm very familiar with
    LinOTP 
    > and it works pretty good with Debian 8, but your new feature
    to manage 
    > certificates could be a killer (for LinOTP). 
    > I'll have a look at PIP and try to migrate some accounts for
    testing. 
    > 
    > 
    > Keep up with the good work! 
    > 
    > 
    > Michael 
    > 
    > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: 
    >         Hello Michael, 
    >         
    >         I would recommend using pip with a virtual
    environment. 
    >         Honestly I am also thinking about switching packages
    to 
    >         virtual 
    >         environments. PIP installations are also supported
    by the 
    >         enterprise 
    >         SLAs. So you can be sure, that this is no dead end. 
    >         
    >         The 14.04 packages have dependencies to python
    modules. The 
    >         privacyidea 
    >         modules reside in the systems module path. 
    >         Dependent modules are also taken from the system.
    Which is 
    >         sometimes 
    >         difficult, due to version differences! 
    >         And with 16.04 there is also a naming conflict in
    dependent 
    >         modules. 
    >         
    >         So I am in fact thinking about having the packages 
    >         (deb-packages) 
    >         containing self contained python virtual envs. 
    >         The debian package and the RPM packages already work
    this 
    >         way... 
    >         
    >         So when updating your system with apt-get the pip
    installed 
    >         self 
    >         contained privacyidea virtualenv will also be
    updated. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         
    >         Am Montag, den 06.06.2016, 00:43 -0700 schrieb
    Michael Muenz: 
    >         > Hey guys, 
    >         > 
    >         > 
    >         > I'm a Debian guy and want to run the software with
    the 
    >         latest Debian 
    >         > 8. The documentation tells me to use the Ubuntu
    packages, 
    >         but I'm a 
    >         > bit afraid it this is a long term solution? 
    >         > Also the packages are only available fot Ubuntu
    LTS 14.4, 
    >         not the 
    >         > 16.4. 
    >         > 
    >         > 
    >         > So what is the best way for a mission critical use
    with some 
    >         LTS type? 
    >         > Use of PiP? Use old LTS? Use Debian 7 and wait for
    a stable 
    >         Debian 8 
    >         > package? 
    >         > I don't like CentOS, so this is not a real
    alternative for 
    >         me. 
    >         > 
    >         > 
    >         > Thanks! 
    >         > Michael 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Cornelius,

Thanks for your fast reply! Until now I’m very familiar with LinOTP and it
works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.

Keep up with the good work!

MichaelOn Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:

Hello Michael,

I would recommend using pip with a virtual environment.
Honestly I am also thinking about switching packages to virtual
environments. PIP installations are also supported by the enterprise
SLAs. So you can be sure, that this is no dead end.

The 14.04 packages have dependencies to python modules. The privacyidea
modules reside in the systems module path.
Dependent modules are also taken from the system. Which is sometimes
difficult, due to version differences!
And with 16.04 there is also a naming conflict in dependent modules.

So I am in fact thinking about having the packages (deb-packages)
containing self contained python virtual envs.
The debian package and the RPM packages already work this way…

So when updating your system with apt-get the pip installed self
contained privacyidea virtualenv will also be updated.

Kind regards
Cornelius

Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz:

Hey guys,

I’m a Debian guy and want to run the software with the latest Debian
8. The documentation tells me to use the Ubuntu packages, but I’m a
bit afraid it this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the
16.4.

So what is the best way for a mission critical use with some LTS type?
Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8
package?
I don’t like CentOS, so this is not a real alternative for me.

Thanks!
Michael

Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Sadly … yes :slight_smile:

Ok, I’ve installed the Trusty packages with Jessie so collect some ideas of
how all things work.

Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the WebCA :))

MichaelAm Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:

Do you have such a poor standing at the support team? :wink:

Of course you will not run it with py-mange the same way you will not
run linotp with the crappy old paster!

You will not need an init script, since it runs as a web service.

Read

http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on one machine!

Kind regards
Cornelius

Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:

I checked the PIP stuff, but is this really usable for productive
usage?
This seems to me like a virtual testing environment.

Is there a init.script or will I have to start it always via
py-manage?

When I think about a support team and teach it how stuff works, they
will kill me when they see a new thing like this :slight_smile:

Michael

Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,

    I think there are also some other interesting things, besides 
    the 
    mordern UI and the redesigned REST API like 
    
    * assign tokens to machines 
    * offline OTP 
    * radius migration 
    * event handler 
    to name a few... 
    
    Nevertheless, I am curious for your feedback. 
    
    Kind regards 
    Cornelius 
    
    Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: 
    > Cornelius, 
    > 
    > 
    > Thanks for your fast reply! Until now I'm very familiar with 
    LinOTP 
    > and it works pretty good with Debian 8, but your new feature 
    to manage 
    > certificates could be a killer (for LinOTP). 
    > I'll have a look at PIP and try to migrate some accounts for 
    testing. 
    > 
    > 
    > Keep up with the good work! 
    > 
    > 
    > Michael 
    > 
    > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius  Kölbel wrote: 
    >         Hello Michael, 
    >         
    >         I would recommend using pip with a virtual 
    environment. 
    >         Honestly I am also thinking about switching packages 
    to 
    >         virtual 
    >         environments. PIP installations are also supported 
    by the 
    >         enterprise 
    >         SLAs. So you can be sure, that this is no dead end. 
    >         
    >         The 14.04 packages have dependencies to python 
    modules. The 
    >         privacyidea 
    >         modules reside in the systems module path. 
    >         Dependent modules are also taken from the system. 
    Which is 
    >         sometimes 
    >         difficult, due to version differences! 
    >         And with 16.04 there is also a naming conflict in 
    dependent 
    >         modules. 
    >         
    >         So I am in fact thinking about having the packages 
    >         (deb-packages) 
    >         containing self contained python virtual envs. 
    >         The debian package and the RPM packages already work 
    this 
    >         way... 
    >         
    >         So when updating your system with apt-get the pip 
    installed 
    >         self 
    >         contained privacyidea virtualenv will also be 
    updated. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         
    >         Am Montag, den 06.06.2016, 00:43 -0700 schrieb 
    Michael Muenz: 
    >         > Hey guys, 
    >         > 
    >         > 
    >         > I'm a Debian guy and want to run the software with 
    the 
    >         latest Debian 
    >         > 8. The documentation tells me to use the Ubuntu 
    packages, 
    >         but I'm a 
    >         > bit afraid it this is a long term solution? 
    >         > Also the packages are only available fot Ubuntu 
    LTS 14.4, 
    >         not the 
    >         > 16.4. 
    >         > 
    >         > 
    >         > So what is the best way for a mission critical use 
    with some 
    >         LTS type? 
    >         > Use of PiP? Use old LTS? Use Debian 7 and wait for 
    a stable 
    >         Debian 8 
    >         > package? 
    >         > I don't like CentOS, so this is not a real 
    alternative for 
    >         me. 
    >         > 
    >         > 
    >         > Thanks! 
    >         > Michael 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

I checked the PIP stuff, but is this really usable for productive usage?
This seems to me like a virtual testing environment.

Is there a init.script or will I have to start it always via py-manage?

When I think about a support team and teach it how stuff works, they will
kill me when they see a new thing like this :slight_smile:

MichaelAm Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:

Hi Michael,

I think there are also some other interesting things, besides the
mordern UI and the redesigned REST API like

  • assign tokens to machines
  • offline OTP
  • radius migration
  • event handler
    to name a few…

Nevertheless, I am curious for your feedback.

Kind regards
Cornelius

Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz:

Cornelius,

Thanks for your fast reply! Until now I’m very familiar with LinOTP
and it works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.

Keep up with the good work!

Michael

On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
Hello Michael,

    I would recommend using pip with a virtual environment. 
    Honestly I am also thinking about switching packages to 
    virtual 
    environments. PIP installations are also supported by the 
    enterprise 
    SLAs. So you can be sure, that this is no dead end. 
    
    The 14.04 packages have dependencies to python modules. The 
    privacyidea 
    modules reside in the systems module path. 
    Dependent modules are also taken from the system. Which is 
    sometimes 
    difficult, due to version differences! 
    And with 16.04 there is also a naming conflict in dependent 
    modules. 
    
    So I am in fact thinking about having the packages 
    (deb-packages) 
    containing self contained python virtual envs. 
    The debian package and the RPM packages already work this 
    way... 
    
    So when updating your system with apt-get the pip installed 
    self 
    contained privacyidea virtualenv will also be updated. 
    
    Kind regards 
    Cornelius 
    
    
    Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: 
    > Hey guys, 
    > 
    > 
    > I'm a Debian guy and want to run the software with the 
    latest Debian 
    > 8. The documentation tells me to use the Ubuntu packages, 
    but I'm a 
    > bit afraid it this is a long term solution? 
    > Also the packages are only available fot Ubuntu LTS 14.4, 
    not the 
    > 16.4. 
    > 
    > 
    > So what is the best way for a mission critical use with some 
    LTS type? 
    > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable 
    Debian 8 
    > package? 
    > I don't like CentOS, so this is not a real alternative for 
    me. 
    > 
    > 
    > Thanks! 
    > Michael 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel