WebUI Policy "default_tokentype" doesnt work

Hi there,

I use the following setup:

Ubuntu 14.04 with Privacyidea 2.7 from the provided repo.

When i set a system wide policy to set the default_token type to email a
user logs in but doesnt get the default token i setup in the WebUI policy:

10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 “GET
/static/components/token/views/token.enrolled.email.html HTTP/1.1” 233
"https://changed/" “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 “GET
/static/components/token/views/token.enrolled.sms.html HTTP/1.1” 233
"https://changed/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36”

Do you know what i going wrong here?

PI.CFG:

import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘t0p s3cr3t’

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem’
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

#PI_CUSTOMIZATION = “/”

#PI_CSS = ‘/static/customize/css/bootstrap-theme.css’

PI_PEPPER = 'changed’
SECRET_KEY = 'changed’
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

Hi,

this behaviour was changed/fixed/clarified in version 2.8.

Kind regards
CorneliusAm Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking:

To be clear, the files do exist in the directory so i am not sure what
is happening here.

On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking wrote:
Hi there,

    I use the following setup:
    
    
    Ubuntu 14.04 with Privacyidea 2.7 from the provided repo.
    
    
    
    
    When i set a system wide policy to set the default_token type
    to email a user logs in but doesnt get the default token i
    setup in the WebUI policy:
    
    
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404
    "GET /static/components/token/views/token.enrolled.email.html
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36"
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404
    "GET /static/components/token/views/token.enrolled.sms.html
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36"
    
    
    Do you know what i going wrong here?
    
    
    
    
    
    
    PI.CFG:
    
    
    import logging
    # The realm, where users are allowed to login as
    administrators
    SUPERUSER_REALM = ['super']
    # Your database
    #SQLALCHEMY_DATABASE_URI =
    'sqlite:////etc/privacyidea/data.sqlite'
    # This is used to encrypt the auth_token
    #SECRET_KEY = 't0p s3cr3t'
    # This is used to encrypt the admin passwords
    #PI_PEPPER = "Never know..."
    # This is used to encrypt the token data and token passwords
    PI_ENCFILE = '/etc/privacyidea/enckey'
    # This is used to sign the audit log
    # This is the dummy base class
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base'
    # This is the default
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit'
    # This is used to sign the audit log
    PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem'
    PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem'
    PI_LOGFILE = '/var/log/privacyidea/privacyidea.log'
    PI_LOGLEVEL = logging.INFO
    
    
    #PI_CUSTOMIZATION = "/"
    
    
    #PI_CSS = '/static/customize/css/bootstrap-theme.css'
    
    
    PI_PEPPER = 'changed'
    SECRET_KEY = 'changed'
    SQLALCHEMY_DATABASE_URI = 'mysql://pi:changed@localhost/pi'


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Action:
I create a WebUI policy with the setting “default_tokentype” to the value
email or sms or whatever and assign it to my realm.

Result:
User logs in to webportal and when he clicks “Enroll Token” the first
option is sms.
Above is good! Great!

Problem:
i also create a User policy with a random setting and assign it to my realm.

Problem:
User logs io to webportal and when he clicks “Enroll token” the first
option is not sms, but another available token type. (in this case email
or totp)

Question: What is going wrong?

Things i have try’d to solve the problem:

  • Reverted to ;last snapshot without any configuration and after
    configuring the same result so no success.
  • in the webui profile checked everything off except the
    "default_tokentype" alas no success.
  • in the user profile checked everything off except enroll email and enroll
    sms but no success.-----------------
    *** My Setup ***

Privacyidea Version: 2.12.1 (from ubuntu repo)
2x LDAP Backend in a realm.

pi.cfg
import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘changed

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem’
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

PI_PEPPER = 'changed
SECRET_KEY = 'changed
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

ssl_access.log when of i access the “Enroll Token” page.
10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200 "GET /policy/ HTTP/1.1"
1741 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "POST /auth HTTP/1.1"
1816 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "GET /token/ HTTP/1.1"
854 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "GET /token/ HTTP/1.1"
854 “https://changedl/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404 “GET
/static/components/token/views/token.enrolled.email.html HTTP/1.1” 233 “
https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /auth/rights
HTTP/1.1” 926 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404 “GET
/static/components/token/views/token.enrolled.sms.html HTTP/1.1” 233 “
https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /radiusserver/
HTTP/1.1” 789 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 "GET /system/ HTTP/1.1"
834 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /caconnector/
HTTP/1.1” 789 “https://changed/ https://privacyidea.olvg.nl/
“Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36”

On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius Kölbel wrote:

My magic glass ball does not work.
Please send more information, what you have configured, what you are
doing, what you are seeing and what you expect.

https://www.privacyidea.org/getting-help/

Am Montag, den 13.06.2016, 04:06 -0700 schrieb jmdeking:

I think i am running the latest version.

sudo apt-get install python-privacyidea
Pakketlijsten worden ingelezen… Klaar
Boom van vereisten wordt opgebouwd
De status informatie wordt gelezen… Klaar
python-privacyidea is already latest version.

sudo apt-cache show python-privacyidea
Package: python-privacyidea
Priority: optional
Section: python
Installed-Size: 7811
Maintainer: Cornelius Kölbel <
Architecture: all
Version: 2.12.1-1trusty
Replaces: privacyidea (<< 2.0)
Depends: python (>= 2.7), python (<< 2.8), python:any (>=
2.7.1-0ubuntu2), python-flask, python-flask-migrate,
python-flask-sqlalchemy, python-flask-script, python-jinja2,
python-mako, python-markupsafe, python-pymysql, python-pillow,
python-pyjwt, python-yaml, python-pygments, python-sqlalchemy,
python-werkzeug, alembic, python-bcrypt, python-bs4, python-cffi,
python-configobj, python-docutils, python-funcparserlib,
python-itsdangerous, python-ldap3, python-netaddr, python-passlib,
python-pyasn1, python-openssl, python-pycparser, python-crypto,
python-pyrad, python-usb, python-qrcode, python-requests,
python-sqlsoup, python-ecdsa, python-lxml, python-pandas,
python-matplotlib
Breaks: privacyidea (<< 2.0)
Filename:
pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb
Size: 1668282
MD5sum: 33323220961aa83251d79fa768cf61a6
SHA1: a3e951809b8490c9b05931583bf9450d373b97ad
SHA256:
d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e
Description-en: two-factor authentication system e.g. for OTP devices
privacyIDEA: identity, multifactor authentication, authorization.
This package contains the python module for privacyIDEA. If you want
to run it in a productive webserver you might want to install
privacyidea-nginx or privacyidea-apache2.
privacyIDEA is an open solution for strong two-factor authentication.
privacyIDEA aims to not bind you to any decision of the
authentication protocol
or it does not dictate you where your user information should be
stored.
This is achieved by its totally modular architecture.
privacyIDEA is not only open as far as its modular architecture is
concerned.
But privacyIDEA is completely licensed under the AGPLv3.
Description-md5: d83384f70b39fc92f22fd9110f628dd2

On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote:
Hi,

    this behaviour was changed/fixed/clarified in version 2.8. 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    Kind regards 
    Cornelius 
    
    Am Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking: 
    > To be clear, the files do exist in the directory so i am not 
    sure what 
    > is happening here. 
    > 
    > 
    > 
    > 
    > On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking  wrote: 
    >         Hi there, 
    >         
    >         
    >         I use the following setup: 
    >         
    >         
    >         Ubuntu 14.04 with Privacyidea 2.7 from the provided 
    repo. 
    >         
    >         
    >         
    >         
    >         When i set a system wide policy to set the 
    default_token type 
    >         to email a user logs in but doesnt get the default 
    token i 
    >         setup in the WebUI policy: 
    >         
    >         
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; 
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108 
    Safari/537.36" 
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; 
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108 
    Safari/537.36" 
    >         
    >         
    >         Do you know what i going wrong here? 
    >         
    >         
    >         
    >         
    >         
    >         
    >         PI.CFG: 
    >         
    >         
    >         import logging 
    >         # The realm, where users are allowed to login as 
    >         administrators 
    >         SUPERUSER_REALM = ['super'] 
    >         # Your database 
    >         #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         # This is used to encrypt the auth_token 
    >         #SECRET_KEY = 't0p s3cr3t' 
    >         # This is used to encrypt the admin passwords 
    >         #PI_PEPPER = "Never know..." 
    >         # This is used to encrypt the token data and token 
    passwords 
    >         PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         # This is used to sign the audit log 
    >         # This is the dummy base class 
    >         #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.base' 
    >         # This is the default 
    >         #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         # This is used to sign the audit log 
    >         PI_AUDIT_KEY_PRIVATE = 
    '/etc/privacyidea/private.pem' 
    >         PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    >         PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    >         PI_LOGLEVEL = logging.INFO 
    >         
    >         
    >         #PI_CUSTOMIZATION = "/" 
    >         
    >         
    >         #PI_CSS = 
    '/static/customize/css/bootstrap-theme.css' 
    >         
    >         
    >         PI_PEPPER = 'changed' 
    >         SECRET_KEY = 'changed' 
    >         SQLALCHEMY_DATABASE_URI = 
    'mysql://pi:changed@localhost/pi' 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

My magic glass ball does not work.
Please send more information, what you have configured, what you are
doing, what you are seeing and what you expect.

https://www.privacyidea.org/getting-help/Am Montag, den 13.06.2016, 04:06 -0700 schrieb jmdeking:

I think i am running the latest version.

sudo apt-get install python-privacyidea
Pakketlijsten worden ingelezen… Klaar
Boom van vereisten wordt opgebouwd
De status informatie wordt gelezen… Klaar
python-privacyidea is already latest version.

sudo apt-cache show python-privacyidea
Package: python-privacyidea
Priority: optional
Section: python
Installed-Size: 7811
Maintainer: Cornelius Kölbel <
Architecture: all
Version: 2.12.1-1trusty
Replaces: privacyidea (<< 2.0)
Depends: python (>= 2.7), python (<< 2.8), python:any (>=
2.7.1-0ubuntu2), python-flask, python-flask-migrate,
python-flask-sqlalchemy, python-flask-script, python-jinja2,
python-mako, python-markupsafe, python-pymysql, python-pillow,
python-pyjwt, python-yaml, python-pygments, python-sqlalchemy,
python-werkzeug, alembic, python-bcrypt, python-bs4, python-cffi,
python-configobj, python-docutils, python-funcparserlib,
python-itsdangerous, python-ldap3, python-netaddr, python-passlib,
python-pyasn1, python-openssl, python-pycparser, python-crypto,
python-pyrad, python-usb, python-qrcode, python-requests,
python-sqlsoup, python-ecdsa, python-lxml, python-pandas,
python-matplotlib
Breaks: privacyidea (<< 2.0)
Filename:
pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb
Size: 1668282
MD5sum: 33323220961aa83251d79fa768cf61a6
SHA1: a3e951809b8490c9b05931583bf9450d373b97ad
SHA256:
d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e
Description-en: two-factor authentication system e.g. for OTP devices
privacyIDEA: identity, multifactor authentication, authorization.
This package contains the python module for privacyIDEA. If you want
to run it in a productive webserver you might want to install
privacyidea-nginx or privacyidea-apache2.
privacyIDEA is an open solution for strong two-factor authentication.
privacyIDEA aims to not bind you to any decision of the
authentication protocol
or it does not dictate you where your user information should be
stored.
This is achieved by its totally modular architecture.
privacyIDEA is not only open as far as its modular architecture is
concerned.
But privacyIDEA is completely licensed under the AGPLv3.
Description-md5: d83384f70b39fc92f22fd9110f628dd2

On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote:
Hi,

    this behaviour was changed/fixed/clarified in version 2.8. 
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    
    Kind regards 
    Cornelius 
    
    Am Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking: 
    > To be clear, the files do exist in the directory so i am not
    sure what 
    > is happening here. 
    > 
    > 
    > 
    > 
    > On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking wrote: 
    >         Hi there, 
    >         
    >         
    >         I use the following setup: 
    >         
    >         
    >         Ubuntu 14.04 with Privacyidea 2.7 from the provided
    repo. 
    >         
    >         
    >         
    >         
    >         When i set a system wide policy to set the
    default_token type 
    >         to email a user logs in but doesnt get the default
    token i 
    >         setup in the WebUI policy: 
    >         
    >         
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11;
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108
    Safari/537.36" 
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11;
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108
    Safari/537.36" 
    >         
    >         
    >         Do you know what i going wrong here? 
    >         
    >         
    >         
    >         
    >         
    >         
    >         PI.CFG: 
    >         
    >         
    >         import logging 
    >         # The realm, where users are allowed to login as 
    >         administrators 
    >         SUPERUSER_REALM = ['super'] 
    >         # Your database 
    >         #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         # This is used to encrypt the auth_token 
    >         #SECRET_KEY = 't0p s3cr3t' 
    >         # This is used to encrypt the admin passwords 
    >         #PI_PEPPER = "Never know..." 
    >         # This is used to encrypt the token data and token
    passwords 
    >         PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         # This is used to sign the audit log 
    >         # This is the dummy base class 
    >         #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.base' 
    >         # This is the default 
    >         #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         # This is used to sign the audit log 
    >         PI_AUDIT_KEY_PRIVATE =
    '/etc/privacyidea/private.pem' 
    >         PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    >         PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    >         PI_LOGLEVEL = logging.INFO 
    >         
    >         
    >         #PI_CUSTOMIZATION = "/" 
    >         
    >         
    >         #PI_CSS =
    '/static/customize/css/bootstrap-theme.css' 
    >         
    >         
    >         PI_PEPPER = 'changed' 
    >         SECRET_KEY = 'changed' 
    >         SQLALCHEMY_DATABASE_URI =
    'mysql://pi:changed@localhost/pi' 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

I think i am running the latest version.

sudo apt-get install python-privacyidea
Pakketlijsten worden ingelezen… Klaar
Boom van vereisten wordt opgebouwd
De status informatie wordt gelezen… Klaar
python-privacyidea is already latest version.

sudo apt-cache show python-privacyidea
Package: python-privacyidea
Priority: optional
Section: python
Installed-Size: 7811
Maintainer: Cornelius Kölbel <
Architecture: all
Version: 2.12.1-1trusty
Replaces: privacyidea (<< 2.0)
Depends: python (>= 2.7), python (<< 2.8), python:any (>= 2.7.1-0ubuntu2),
python-flask, python-flask-migrate, python-flask-sqlalchemy,
python-flask-script, python-jinja2, python-mako, python-markupsafe,
python-pymysql, python-pillow, python-pyjwt, python-yaml, python-pygments,
python-sqlalchemy, python-werkzeug, alembic, python-bcrypt, python-bs4,
python-cffi, python-configobj, python-docutils, python-funcparserlib,
python-itsdangerous, python-ldap3, python-netaddr, python-passlib,
python-pyasn1, python-openssl, python-pycparser, python-crypto,
python-pyrad, python-usb, python-qrcode, python-requests, python-sqlsoup,
python-ecdsa, python-lxml, python-pandas, python-matplotlib
Breaks: privacyidea (<< 2.0)
Filename:
pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb
Size: 1668282
MD5sum: 33323220961aa83251d79fa768cf61a6
SHA1: a3e951809b8490c9b05931583bf9450d373b97ad
SHA256: d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e
Description-en: two-factor authentication system e.g. for OTP devices
privacyIDEA: identity, multifactor authentication, authorization.
This package contains the python module for privacyIDEA. If you want
to run it in a productive webserver you might want to install
privacyidea-nginx or privacyidea-apache2.
privacyIDEA is an open solution for strong two-factor authentication.
privacyIDEA aims to not bind you to any decision of the authentication
protocol
or it does not dictate you where your user information should be stored.
This is achieved by its totally modular architecture.
privacyIDEA is not only open as far as its modular architecture is
concerned.
But privacyIDEA is completely licensed under the AGPLv3.
Description-md5: d83384f70b39fc92f22fd9110f628dd2On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote:

Hi,

this behaviour was changed/fixed/clarified in version 2.8.
https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

Kind regards
Cornelius

Am Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking:

To be clear, the files do exist in the directory so i am not sure what
is happening here.

On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking wrote:
Hi there,

    I use the following setup: 
    
    
    Ubuntu 14.04 with Privacyidea 2.7 from the provided repo. 
    
    
    
    
    When i set a system wide policy to set the default_token type 
    to email a user logs in but doesnt get the default token i 
    setup in the WebUI policy: 
    
    
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    "GET /static/components/token/views/token.enrolled.email.html 
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    "GET /static/components/token/views/token.enrolled.sms.html 
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    
    
    Do you know what i going wrong here? 
    
    
    
    
    
    
    PI.CFG: 
    
    
    import logging 
    # The realm, where users are allowed to login as 
    administrators 
    SUPERUSER_REALM = ['super'] 
    # Your database 
    #SQLALCHEMY_DATABASE_URI = 
    'sqlite:////etc/privacyidea/data.sqlite' 
    # This is used to encrypt the auth_token 
    #SECRET_KEY = 't0p s3cr3t' 
    # This is used to encrypt the admin passwords 
    #PI_PEPPER = "Never know..." 
    # This is used to encrypt the token data and token passwords 
    PI_ENCFILE = '/etc/privacyidea/enckey' 
    # This is used to sign the audit log 
    # This is the dummy base class 
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base' 
    # This is the default 
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit' 
    # This is used to sign the audit log 
    PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem' 
    PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    PI_LOGLEVEL = logging.INFO 
    
    
    #PI_CUSTOMIZATION = "/" 
    
    
    #PI_CSS = '/static/customize/css/bootstrap-theme.css' 
    
    
    PI_PEPPER = 'changed' 
    SECRET_KEY = 'changed' 
    SQLALCHEMY_DATABASE_URI = 'mysql://pi:changed@localhost/pi' 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

When i install privacyidea on a clean server i also get a 404 but it try’s
for a second time and i then succeeds.

::1 - - [13/Jun/2016:13:38:35 +0200] 404 “GET
/static/components/token/views/token.enrolled.yubikey.html HTTP/1.1” 233
"https://localhost/" “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36”
::1 - - [13/Jun/2016:13:38:35 +0200] 200 “GET
/static/components/token/views/token.enroll.yubikey.html HTTP/1.1” 770
"https://localhost/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"On Monday, June 13, 2016 at 1:06:48 PM UTC+2, jmdeking wrote:

I think i am running the latest version.

sudo apt-get install python-privacyidea
Pakketlijsten worden ingelezen… Klaar
Boom van vereisten wordt opgebouwd
De status informatie wordt gelezen… Klaar
python-privacyidea is already latest version.

sudo apt-cache show python-privacyidea
Package: python-privacyidea
Priority: optional
Section: python
Installed-Size: 7811
Maintainer: Cornelius Kölbel <
Architecture: all
Version: 2.12.1-1trusty
Replaces: privacyidea (<< 2.0)
Depends: python (>= 2.7), python (<< 2.8), python:any (>= 2.7.1-0ubuntu2),
python-flask, python-flask-migrate, python-flask-sqlalchemy,
python-flask-script, python-jinja2, python-mako, python-markupsafe,
python-pymysql, python-pillow, python-pyjwt, python-yaml, python-pygments,
python-sqlalchemy, python-werkzeug, alembic, python-bcrypt, python-bs4,
python-cffi, python-configobj, python-docutils, python-funcparserlib,
python-itsdangerous, python-ldap3, python-netaddr, python-passlib,
python-pyasn1, python-openssl, python-pycparser, python-crypto,
python-pyrad, python-usb, python-qrcode, python-requests, python-sqlsoup,
python-ecdsa, python-lxml, python-pandas, python-matplotlib
Breaks: privacyidea (<< 2.0)
Filename:
pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb
Size: 1668282
MD5sum: 33323220961aa83251d79fa768cf61a6
SHA1: a3e951809b8490c9b05931583bf9450d373b97ad
SHA256: d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e
Description-en: two-factor authentication system e.g. for OTP devices
privacyIDEA: identity, multifactor authentication, authorization.
This package contains the python module for privacyIDEA. If you want
to run it in a productive webserver you might want to install
privacyidea-nginx or privacyidea-apache2.
privacyIDEA is an open solution for strong two-factor authentication.
privacyIDEA aims to not bind you to any decision of the authentication
protocol
or it does not dictate you where your user information should be stored.
This is achieved by its totally modular architecture.
privacyIDEA is not only open as far as its modular architecture is
concerned.
But privacyIDEA is completely licensed under the AGPLv3.
Description-md5: d83384f70b39fc92f22fd9110f628dd2

On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote:

Hi,

this behaviour was changed/fixed/clarified in version 2.8.
https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

Kind regards
Cornelius

Am Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking:

To be clear, the files do exist in the directory so i am not sure what
is happening here.

On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking wrote:
Hi there,

    I use the following setup: 
    
    
    Ubuntu 14.04 with Privacyidea 2.7 from the provided repo. 
    
    
    
    
    When i set a system wide policy to set the default_token type 
    to email a user logs in but doesnt get the default token i 
    setup in the WebUI policy: 
    
    
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    "GET /static/components/token/views/token.enrolled.email.html 
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    "GET /static/components/token/views/token.enrolled.sms.html 
    HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    
    
    Do you know what i going wrong here? 
    
    
    
    
    
    
    PI.CFG: 
    
    
    import logging 
    # The realm, where users are allowed to login as 
    administrators 
    SUPERUSER_REALM = ['super'] 
    # Your database 
    #SQLALCHEMY_DATABASE_URI = 
    'sqlite:////etc/privacyidea/data.sqlite' 
    # This is used to encrypt the auth_token 
    #SECRET_KEY = 't0p s3cr3t' 
    # This is used to encrypt the admin passwords 
    #PI_PEPPER = "Never know..." 
    # This is used to encrypt the token data and token passwords 
    PI_ENCFILE = '/etc/privacyidea/enckey' 
    # This is used to sign the audit log 
    # This is the dummy base class 
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base' 
    # This is the default 
    #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit' 
    # This is used to sign the audit log 
    PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem' 
    PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    PI_LOGLEVEL = logging.INFO 
    
    
    #PI_CUSTOMIZATION = "/" 
    
    
    #PI_CSS = '/static/customize/css/bootstrap-theme.css' 
    
    
    PI_PEPPER = 'changed' 
    SECRET_KEY = 'changed' 
    SQLALCHEMY_DATABASE_URI = 'mysql://pi:changed@localhost/pi' 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

To be clear, the files do exist in the directory so i am not sure what is
happening here.On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking wrote:

Hi there,

I use the following setup:

Ubuntu 14.04 with Privacyidea 2.7 from the provided repo.

When i set a system wide policy to set the default_token type to email a
user logs in but doesnt get the default token i setup in the WebUI policy:

10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 “GET
/static/components/token/views/token.enrolled.email.html HTTP/1.1” 233
"https://changed/" “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 “GET
/static/components/token/views/token.enrolled.sms.html HTTP/1.1” 233
"https://changed/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36”

Do you know what i going wrong here?

PI.CFG:

import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘t0p s3cr3t’

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem’
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

#PI_CUSTOMIZATION = “/”

#PI_CSS = ‘/static/customize/css/bootstrap-theme.css’

PI_PEPPER = 'changed’
SECRET_KEY = 'changed’
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

Please take a closer look at your policies. You probably have
contradicting policies. If the user is not allowed to enroll the token
type you define as default_tokentype things will happen, I do not know.

You can go to Config->System->System documentation which will output a
restructured text. You can paste the section of your policies.

Starting at

Policy Configuration--------------------

Thanks.

Am Montag, den 13.06.2016, 05:53 -0700 schrieb jmdeking:

Action:
I create a WebUI policy with the setting “default_tokentype” to the
value email or sms or whatever and assign it to my realm.

Result:
User logs in to webportal and when he clicks “Enroll Token” the first
option is sms.
Above is good! Great!

Problem:
i also create a User policy with a random setting and assign it to my
realm.

Problem:
User logs io to webportal and when he clicks “Enroll token” the first
option is not sms, but another available token type. (in this case
email or totp)

Question: What is going wrong?

Things i have try’d to solve the problem:

  • Reverted to ;last snapshot without any configuration and after
    configuring the same result so no success.
  • in the webui profile checked everything off except the
    “default_tokentype” alas no success.
  • in the user profile checked everything off except enroll email and
    enroll sms but no success.

*** My Setup ***

Privacyidea Version: 2.12.1 (from ubuntu repo)

2x LDAP Backend in a realm.

pi.cfg
import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘changed’

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = ‘/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = ‘/etc/privacyidea/public.pem’
PI_LOGFILE = ‘/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

PI_PEPPER = ‘changed’
SECRET_KEY = ‘changed’
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

ssl_access.log when of i access the “Enroll Token” page.
10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200 “GET /policy/
HTTP/1.1” 1741 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “POST /auth
HTTP/1.1” 1816 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “GET /token/
HTTP/1.1” 854 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “GET /token/
HTTP/1.1” 854 “https://changedl/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404
“GET /static/components/token/views/token.enrolled.email.html
HTTP/1.1” 233 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /auth/rights
HTTP/1.1” 926 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404
“GET /static/components/token/views/token.enrolled.sms.html HTTP/1.1”
233 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200
“GET /radiusserver/ HTTP/1.1” 789 “https://changed/” “Mozilla/5.0
(X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /system/
HTTP/1.1” 834 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /caconnector/
HTTP/1.1” 789 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”

On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius Kölbel wrote:
My magic glass ball does not work.
Please send more information, what you have configured, what
you are
doing, what you are seeing and what you expect.

    https://www.privacyidea.org/getting-help/ 
    
    Am Montag, den 13.06.2016, 04:06 -0700 schrieb jmdeking: 
    > I think i am running the latest version. 
    > 
    > 
    > sudo apt-get install python-privacyidea 
    > Pakketlijsten worden ingelezen... Klaar 
    > Boom van vereisten wordt opgebouwd       
    > De status informatie wordt gelezen... Klaar 
    > python-privacyidea is already latest version. 
    > 
    > 
    > sudo apt-cache show python-privacyidea 
    > Package: python-privacyidea 
    > Priority: optional 
    > Section: python 
    > Installed-Size: 7811 
    > Maintainer: Cornelius Kölbel < 
    > Architecture: all 
    > Version: 2.12.1-1trusty 
    > Replaces: privacyidea (<< 2.0) 
    > Depends: python (>= 2.7), python (<< 2.8), python:any (>= 
    > 2.7.1-0ubuntu2), python-flask, python-flask-migrate, 
    > python-flask-sqlalchemy, python-flask-script,
    python-jinja2, 
    > python-mako, python-markupsafe, python-pymysql,
    python-pillow, 
    > python-pyjwt, python-yaml, python-pygments,
    python-sqlalchemy, 
    > python-werkzeug, alembic, python-bcrypt, python-bs4,
    python-cffi, 
    > python-configobj, python-docutils, python-funcparserlib, 
    > python-itsdangerous, python-ldap3, python-netaddr,
    python-passlib, 
    > python-pyasn1, python-openssl, python-pycparser,
    python-crypto, 
    > python-pyrad, python-usb, python-qrcode, python-requests, 
    > python-sqlsoup, python-ecdsa, python-lxml, python-pandas, 
    > python-matplotlib 
    > Breaks: privacyidea (<< 2.0) 
    > Filename: 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    > Size: 1668282 
    > MD5sum: 33323220961aa83251d79fa768cf61a6 
    > SHA1: a3e951809b8490c9b05931583bf9450d373b97ad 
    > SHA256: 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    > Description-en: two-factor authentication system e.g. for
    OTP devices 
    >  privacyIDEA: identity, multifactor authentication,
    authorization. 
    >  This package contains the python module for privacyIDEA. If
    you want 
    >  to run it in a productive webserver you might want to
    install 
    >  privacyidea-nginx or privacyidea-apache2. 
    >  privacyIDEA is an open solution for strong two-factor
    authentication. 
    >  privacyIDEA aims to not bind you to any decision of the 
    > authentication protocol 
    >  or it does not dictate you where your user information
    should be 
    > stored. 
    >  This is achieved by its totally modular architecture. 
    >  privacyIDEA is not only open as far as its modular
    architecture is 
    > concerned. 
    >  But privacyIDEA is completely licensed under the AGPLv3. 
    > Description-md5: d83384f70b39fc92f22fd9110f628dd2 
    > 
    > On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote: 
    >         Hi, 
    >         
    >         this behaviour was changed/fixed/clarified in
    version 2.8. 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Montag, den 13.06.2016, 03:29 -0700 schrieb
    jmdeking: 
    >         > To be clear, the files do exist in the directory
    so i am not 
    >         sure what 
    >         > is happening here. 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking  wrote: 
    >         >         Hi there, 
    >         >         
    >         >         
    >         >         I use the following setup: 
    >         >         
    >         >         
    >         >         Ubuntu 14.04 with Privacyidea 2.7 from the
    provided 
    >         repo. 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         When i set a system wide policy to set
    the 
    >         default_token type 
    >         >         to email a user logs in but doesnt get the
    default 
    >         token i 
    >         >         setup in the WebUI policy: 
    >         >         
    >         >         
    >         >         10.200.200.183 - - [13/Jun/2016:12:20:55
    +0200] 404 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         HTTP/1.1"  233 "https://changed/"
    "Mozilla/5.0 (X11; 
    >         Linux 
    >         >         x86_64) AppleWebKit/537.36 (KHTML, like
    Gecko) 
    >         Ubuntu 
    >         >         Chromium/49.0.2623.108
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         10.200.200.183 - - [13/Jun/2016:12:20:55
    +0200] 404 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         HTTP/1.1"  233 "https://changed/"
    "Mozilla/5.0 (X11; 
    >         Linux 
    >         >         x86_64) AppleWebKit/537.36 (KHTML, like
    Gecko) 
    >         Ubuntu 
    >         >         Chromium/49.0.2623.108
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         
    >         >         
    >         >         Do you know what i going wrong here? 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         PI.CFG: 
    >         >         
    >         >         
    >         >         import logging 
    >         >         # The realm, where users are allowed to
    login as 
    >         >         administrators 
    >         >         SUPERUSER_REALM = ['super'] 
    >         >         # Your database 
    >         >         #SQLALCHEMY_DATABASE_URI = 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         # This is used to encrypt the auth_token 
    >         >         #SECRET_KEY = 't0p s3cr3t' 
    >         >         # This is used to encrypt the admin
    passwords 
    >         >         #PI_PEPPER = "Never know..." 
    >         >         # This is used to encrypt the token data
    and token 
    >         passwords 
    >         >         PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         >         # This is used to sign the audit log 
    >         >         # This is the dummy base class 
    >         >         #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         # This is the default 
    >         >         #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         # This is used to sign the audit log 
    >         >         PI_AUDIT_KEY_PRIVATE = 
    >         '/etc/privacyidea/private.pem' 
    >         >         PI_AUDIT_KEY_PUBLIC =
    '/etc/privacyidea/public.pem' 
    >         >         PI_LOGFILE =
    '/var/log/privacyidea/privacyidea.log' 
    >         >         PI_LOGLEVEL = logging.INFO 
    >         >         
    >         >         
    >         >         #PI_CUSTOMIZATION = "/" 
    >         >         
    >         >         
    >         >         #PI_CSS = 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         
    >         >         
    >         >         PI_PEPPER = 'changed' 
    >         >         SECRET_KEY = 'changed' 
    >         >         SQLALCHEMY_DATABASE_URI = 
    >         'mysql://pi:changed@localhost/pi' 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

I have a feeling it has something to do with this: (cause its the webui
profile which doesnt get applied)

Privacyidea.log

2016-06-13
16:06:37,092][4466][139866849027840][ERROR][privacyidea.lib.auditmodules.sqlaudit:255]
exception ProgrammingError(’(ProgrammingError) (1064, “You have an error in
your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near '), ‘admin’,
‘OLVG_StandaarD_WebUI’, ‘{u\\‘realm\\’: [u\\\\\‘changed <http://olvg.nl/>\\\\\’], u\\‘action\\’: [’ at line 1”)’,)
[2016-06-13
16:06:37,092][4466][139866849027840][ERROR][privacyidea.lib.auditmodules.sqlaudit:256]
DATA: {‘info’: “{u’realm’: [u’changed’], u’action’:
[u’default_tokentype=email’, u’login_mode=userstore’], u’client’: [],
u’user’: u’’, u’resolver’: u’’, u’time’: u’’, u’active’: True, u’scope’:
u’webui’, u’adminrealm’: []}”, ‘administrator’: u’admin’, ‘realm’:
[u’changed’], ‘success’: True, ‘privacyidea_server’: ‘changed
http://privacyidea.olvg.nl/’, ‘client_user_agent’: ‘chrome’, ‘client’:
‘10.200.200.183’, ‘user’: ‘’, ‘action_detail’: u’OLVG_StandaarD_WebUI’,
‘action’: ‘POST /policy/’, ‘serial’: None}

I can reproduce the error on a different clean machine as well when doing
the exact same thing. (so adding a user policy and a webui policy) (no ldap
server used just passwd in this case)

[2016-06-13
16:19:00,828][28046][139888116606720][ERROR][privacyidea.lib.auditmodules.sqlaudit:255]
exception ProgrammingError(’(ProgrammingError) (1064, “You have an error in
your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near ‘), ‘admin’, ‘test’,
’{u\\‘realm\\’: [u\\\\\‘defrealm\\\\\’], u\\‘action\\’:
[u\\\\\‘default_toke\’ at line 1”)’,) [2016-06-13 16:19:00,829][28046][139888116606720][ERROR][privacyidea.lib.auditmodules.sqlaudit:256]
DATA: {‘info’: “{u’realm’: [u’defrealm’], u’action’:
[u’default_tokentype=email’], u’client’: [], u’user’: [], u’resolver’: u’’,
u’time’: u’’, u’active’: True, u’scope’: u’webui’, u’adminrealm’: []}”,
‘administrator’: u’admin’, ‘realm’: [u’defrealm’], ‘success’: True,
‘privacyidea_server’: ‘localhost’, ‘client_user_agent’: ‘chrome’, ‘client’:
’::1’, ‘user’: ‘’, ‘action_detail’: u’test’, ‘action’: ‘POST
/policy/’, ‘serial’: None}
[2016-06-13
16:19:07,829][28046][139888124999424][ERROR][privacyidea.lib.auditmodules.sqlaudit:255]
exception ProgrammingError(’(ProgrammingError) (1064, “You have an error in
your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near ‘), ‘admin’, ‘user’,
’{u\\‘realm\\’: [u\\\\\‘defrealm\\\\\’], u\\‘action\\’:
[u\\\\\‘setpin\\\\\’, u\\\\\’ at line 1”)’,) [2016-06-13 16:19:07,829][28046][139888124999424][ERROR][privacyidea.lib.auditmodules.sqlaudit:256]
DATA: {‘info’: “{u’realm’: [u’defrealm’], u’action’: [u’setpin’, u’revoke’, u’enrollSMS’, u’enrollEMAIL’], u’client’: [], u’user’: [], u’resolver’:
u’’, u’time’: u’’, u’active’: True, u’scope’: u’user’, u’adminrealm’: []}”,
‘administrator’: u’admin’, ‘realm’: [u’defrealm’], ‘success’: True,
‘privacyidea_server’: ‘localhost’, ‘client_user_agent’: ‘chrome’, ‘client’:
’::1’, ‘user’: ‘’, ‘action_detail’: u’user’, ‘action’: ‘POST
/policy/’, ‘serial’: None}On Monday, June 13, 2016 at 2:53:10 PM UTC+2, jmdeking wrote:

Action:
I create a WebUI policy with the setting “default_tokentype” to the value
email or sms or whatever and assign it to my realm.

Result:
User logs in to webportal and when he clicks “Enroll Token” the first
option is sms.
Above is good! Great!

Problem:
i also create a User policy with a random setting and assign it to my
realm.

Problem:
User logs io to webportal and when he clicks “Enroll token” the first
option is not sms, but another available token type. (in this case
email or totp)

Question: What is going wrong?

Things i have try’d to solve the problem:

  • Reverted to ;last snapshot without any configuration and after
    configuring the same result so no success.
  • in the webui profile checked everything off except the
    "default_tokentype" alas no success.
  • in the user profile checked everything off except enroll email and
    enroll sms but no success.

*** My Setup ***

Privacyidea Version: 2.12.1 (from ubuntu repo)
2x LDAP Backend in a realm.

pi.cfg
import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘changed

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem’
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

PI_PEPPER = 'changed
SECRET_KEY = 'changed
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

ssl_access.log when of i access the “Enroll Token” page.
10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200 “GET /policy/
HTTP/1.1” 1741 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "POST /auth HTTP/1.1"
1816 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "GET /token/ HTTP/1.1"
854 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 "GET /token/ HTTP/1.1"
854 “https://changedl/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404 “GET
/static/components/token/views/token.enrolled.email.html HTTP/1.1” 233 “
https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /auth/rights
HTTP/1.1” 926 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404 “GET
/static/components/token/views/token.enrolled.sms.html HTTP/1.1” 233 “
https://changed/” "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108
Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /radiusserver/
HTTP/1.1” 789 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /system/
HTTP/1.1” 834 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /caconnector/
HTTP/1.1” 789 “https://changed/ https://privacyidea.olvg.nl/
“Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
Ubuntu Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36”

On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius Kölbel wrote:

My magic glass ball does not work.
Please send more information, what you have configured, what you are
doing, what you are seeing and what you expect.

https://www.privacyidea.org/getting-help/

Am Montag, den 13.06.2016, 04:06 -0700 schrieb jmdeking:

I think i am running the latest version.

sudo apt-get install python-privacyidea
Pakketlijsten worden ingelezen… Klaar
Boom van vereisten wordt opgebouwd
De status informatie wordt gelezen… Klaar
python-privacyidea is already latest version.

sudo apt-cache show python-privacyidea
Package: python-privacyidea
Priority: optional
Section: python
Installed-Size: 7811
Maintainer: Cornelius Kölbel <
Architecture: all
Version: 2.12.1-1trusty
Replaces: privacyidea (<< 2.0)
Depends: python (>= 2.7), python (<< 2.8), python:any (>=
2.7.1-0ubuntu2), python-flask, python-flask-migrate,
python-flask-sqlalchemy, python-flask-script, python-jinja2,
python-mako, python-markupsafe, python-pymysql, python-pillow,
python-pyjwt, python-yaml, python-pygments, python-sqlalchemy,
python-werkzeug, alembic, python-bcrypt, python-bs4, python-cffi,
python-configobj, python-docutils, python-funcparserlib,
python-itsdangerous, python-ldap3, python-netaddr, python-passlib,
python-pyasn1, python-openssl, python-pycparser, python-crypto,
python-pyrad, python-usb, python-qrcode, python-requests,
python-sqlsoup, python-ecdsa, python-lxml, python-pandas,
python-matplotlib
Breaks: privacyidea (<< 2.0)
Filename:

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

Size: 1668282
MD5sum: 33323220961aa83251d79fa768cf61a6
SHA1: a3e951809b8490c9b05931583bf9450d373b97ad
SHA256:
d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e
Description-en: two-factor authentication system e.g. for OTP devices
privacyIDEA: identity, multifactor authentication, authorization.
This package contains the python module for privacyIDEA. If you want
to run it in a productive webserver you might want to install
privacyidea-nginx or privacyidea-apache2.
privacyIDEA is an open solution for strong two-factor authentication.
privacyIDEA aims to not bind you to any decision of the
authentication protocol
or it does not dictate you where your user information should be
stored.
This is achieved by its totally modular architecture.
privacyIDEA is not only open as far as its modular architecture is
concerned.
But privacyIDEA is completely licensed under the AGPLv3.
Description-md5: d83384f70b39fc92f22fd9110f628dd2

On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius Kölbel wrote:
Hi,

    this behaviour was changed/fixed/clarified in version 2.8. 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    Kind regards 
    Cornelius 
    
    Am Montag, den 13.06.2016, 03:29 -0700 schrieb jmdeking: 
    > To be clear, the files do exist in the directory so i am not 
    sure what 
    > is happening here. 
    > 
    > 
    > 
    > 
    > On Monday, June 13, 2016 at 12:23:27 PM UTC+2, jmdeking  wrote: 
    >         Hi there, 
    >         
    >         
    >         I use the following setup: 
    >         
    >         
    >         Ubuntu 14.04 with Privacyidea 2.7 from the provided 
    repo. 
    >         
    >         
    >         
    >         
    >         When i set a system wide policy to set the 
    default_token type 
    >         to email a user logs in but doesnt get the default 
    token i 
    >         setup in the WebUI policy: 
    >         
    >         
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; 
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108 
    Safari/537.36" 
    >         10.200.200.183 - - [13/Jun/2016:12:20:55 +0200] 404 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; 
    Linux 
    >         x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         Chromium/49.0.2623.108 Chrome/49.0.2623.108 
    Safari/537.36" 
    >         
    >         
    >         Do you know what i going wrong here? 
    >         
    >         
    >         
    >         
    >         
    >         
    >         PI.CFG: 
    >         
    >         
    >         import logging 
    >         # The realm, where users are allowed to login as 
    >         administrators 
    >         SUPERUSER_REALM = ['super'] 
    >         # Your database 
    >         #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         # This is used to encrypt the auth_token 
    >         #SECRET_KEY = 't0p s3cr3t' 
    >         # This is used to encrypt the admin passwords 
    >         #PI_PEPPER = "Never know..." 
    >         # This is used to encrypt the token data and token 
    passwords 
    >         PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         # This is used to sign the audit log 
    >         # This is the dummy base class 
    >         #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.base' 
    >         # This is the default 
    >         #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         # This is used to sign the audit log 
    >         PI_AUDIT_KEY_PRIVATE = 
    '/etc/privacyidea/private.pem' 
    >         PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    >         PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    >         PI_LOGLEVEL = logging.INFO 
    >         
    >         
    >         #PI_CUSTOMIZATION = "/" 
    >         
    >         
    >         #PI_CSS = 
    '/static/customize/css/bootstrap-theme.css' 
    >         
    >         
    >         PI_PEPPER = 'changed' 
    >         SECRET_KEY = 'changed' 
    >         SQLALCHEMY_DATABASE_URI = 
    'mysql://pi:changed@localhost/pi' 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Thanks, is it save to use this dev-package for my production environment?

Kind Regards,
JohanOn Tuesday, June 14, 2016 at 2:59:35 PM UTC+2, Cornelius Kölbel wrote:

I just uploaded the source.
I will take a time for processing. The package privacyidea 2.13-dev1
will be available in may be half an hour.

Kind regards
Cornelius

Am Dienstag, den 14.06.2016, 05:19 -0700 schrieb jmdeking:

Great, if you can post the issue on github and fix this on short
notice would be really nice. Let me know if there is an update.

Our company is in the proces of reviewing your software and if this
satisfies our needs we are gonna buy a service contract for sure :slight_smile:

Thanks for your time.

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius Kölbel wrote:
Hello JM,

    thanks a lot for sending the detailed policy definition, this 
    helps a 
    lot. 
    
    I can confirm this being a bug in the UI. The server provides 
    all 
    information correct to the UI (default_tokentype and list of 
    enrollable 
    tokens). 
    
    If you wish to, you can open an issue at 
    https://github.com/privacyidea/privacyidea/issues or I will do 
    so later. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb jmdeking: 
    > There is no conflicting policy: 
    > 
    > 
    > Please have a look below: 
    > --------------------------------------------- 
    > Policy Configuration 
    > -------------------- 
    > Policies define the behaviour of privacyIDEA. 
    > To learn more about policies read [#policies]_. 
    > 
    > 
    > The following policies are defined in your system: 
    > 
    > 
    > test 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'default_tokentype': u'email'}** 
    > 
    > 
    > scope: **webui** 
    > 
    > 
    > user 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'enrollSMS': True, u'enrollEMAIL': True}** 
    > 
    > 
    > scope: **user** 
    > 
    > On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius  Kölbel wrote: 
    >         Please take a closer look at your policies. You 
    probably have 
    >         contradicting policies. If the user is not allowed 
    to enroll 
    >         the token 
    >         type you define as default_tokentype things will 
    happen, I do 
    >         not know. 
    >         
    >         You can go to Config->System->System documentation 
    which will 
    >         output a 
    >         restructured text. You can paste the section of 
    your 
    >         policies. 
    >         
    >         Starting at 
    >         
    >            Policy Configuration 
    >            -------------------- 
    >         
    >         Thanks. 
    >         
    >         Am Montag, den 13.06.2016, 05:53 -0700 schrieb 
    jmdeking: 
    >         > Action: 
    >         > I create a WebUI policy with the setting 
    "default_tokentype" 
    >         to the 
    >         > value email or sms or whatever and assign it to my 
    realm. 
    >         > 
    >         > 
    >         > Result: 
    >         > User logs in to webportal and when he clicks 
    "Enroll Token" 
    >         the first 
    >         > option is sms. 
    >         > Above is good! Great! 
    >         > 
    >         > 
    >         > Problem: 
    >         > i also create a User policy with a random setting 
    and assign 
    >         it to my 
    >         > realm. 
    >         > 
    >         > 
    >         > Problem: 
    >         > User logs io to webportal and when he clicks 
    "Enroll token" 
    >         the first 
    >         > option is not sms, but another available token 
    type. (in 
    >         this case 
    >         > email or totp) 
    >         > 
    >         > 
    >         > Question: What is going wrong? 
    >         > 
    >         > 
    >         > Things i have try'd to solve the problem: 
    >         > - Reverted to ;last snapshot without any 
    configuration and 
    >         after 
    >         > configuring the same result so no success. 
    >         > - in the webui profile checked everything off 
    except the 
    >         > "default_tokentype" alas no success. 
    >         > - in the user profile checked everything off 
    except enroll 
    >         email and 
    >         > enroll sms but no success. 
    >         > ----------------- 
    >         > *** My Setup *** 
    >         > 
    >         > 
    >         > Privacyidea Version: 2.12.1 (from ubuntu repo) 
    >         > 
    >         > 2x LDAP Backend in a realm. 
    >         > 
    >         > 
    >         > pi.cfg 
    >         > import logging 
    >         > # The realm, where users are allowed to login as 
    >         administrators 
    >         > SUPERUSER_REALM = ['super'] 
    >         > # Your database 
    >         > #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         > # This is used to encrypt the auth_token 
    >         > #SECRET_KEY = 'changed' 
    >         > # This is used to encrypt the admin passwords 
    >         > #PI_PEPPER = "Never know..." 
    >         > # This is used to encrypt the token data and 
    token 
    >         passwords 
    >         > PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         > # This is used to sign the audit log 
    >         > # This is the dummy base class 
    >         > #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.base' 
    >         > # This is the default 
    >         > #PI_AUDIT_MODULE = 
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         > # This is used to sign the audit log 
    >         > PI_AUDIT_KEY_PRIVATE = 
    '/etc/privacyidea/private.pem' 
    >         > PI_AUDIT_KEY_PUBLIC = 
    '/etc/privacyidea/public.pem' 
    >         > PI_LOGFILE = 
    '/var/log/privacyidea/privacyidea.log' 
    >         > PI_LOGLEVEL = logging.INFO 
    >         > 
    >         > 
    >         > PI_PEPPER = 'changed' 
    >         > SECRET_KEY = 'changed' 
    >         > SQLALCHEMY_DATABASE_URI = 
    'mysql://pi:changed@localhost/pi' 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > ssl_access.log when of i access the "Enroll Token" 
    page. 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 
    200 
    >         "GET /policy/ 
    >         > HTTP/1.1"  1741 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 
    200 
    >         "POST /auth 
    >         > HTTP/1.1"  1816 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changedl/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 
    404 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         > HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 
    200 
    >         "GET /auth/rights 
    >         > HTTP/1.1"  926 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 
    404 
    >         > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1" 
    >         >  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 
    200 
    >         > "GET /radiusserver/ HTTP/1.1"  789 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         > (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         > Chromium/49.0.2623.108 Chrome/49.0.2623.108 
    Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 
    200 
    >         "GET /system/ 
    >         > HTTP/1.1"  834 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 
    200 
    >         "GET /caconnector/ 
    >         > HTTP/1.1"  789 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 
    >         > On Monday, June 13, 2016 at 2:00:52 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         My magic glass ball does not work. 
    >         >         Please send more information, what you 
    have 
    >         configured, what 
    >         >         you are 
    >         >         doing, what you are seeing and what you 
    expect. 
    >         >         
    >         >         https://www.privacyidea.org/getting-help/ 
    >         >         
    >         >         Am Montag, den 13.06.2016, 04:06 -0700  schrieb 
    >         jmdeking: 
    >         >         > I think i am running the latest 
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-get install python-privacyidea 
    >         >         > Pakketlijsten worden ingelezen... Klaar 
    >         >         > Boom van vereisten wordt opgebouwd 
      
    >         >         > De status informatie wordt gelezen... 
    Klaar 
    >         >         > python-privacyidea is already latest 
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-cache show python-privacyidea 
    >         >         > Package: python-privacyidea 
    >         >         > Priority: optional 
    >         >         > Section: python 
    >         >         > Installed-Size: 7811 
    >         >         > Maintainer: Cornelius Kölbel < 
    >         >         > Architecture: all 
    >         >         > Version: 2.12.1-1trusty 
    >         >         > Replaces: privacyidea (<< 2.0) 
    >         >         > Depends: python (>= 2.7), python (<< 
    2.8), 
    >         python:any (>= 
    >         >         > 2.7.1-0ubuntu2), python-flask, 
    >         python-flask-migrate, 
    >         >         > python-flask-sqlalchemy, 
    python-flask-script, 
    >         >         python-jinja2, 
    >         >         > python-mako, python-markupsafe, 
    python-pymysql, 
    >         >         python-pillow, 
    >         >         > python-pyjwt, python-yaml, 
    python-pygments, 
    >         >         python-sqlalchemy, 
    >         >         > python-werkzeug, alembic, 
    python-bcrypt, 
    >         python-bs4, 
    >         >         python-cffi, 
    >         >         > python-configobj, python-docutils, 
    >         python-funcparserlib, 
    >         >         > python-itsdangerous, python-ldap3, 
    >         python-netaddr, 
    >         >         python-passlib, 
    >         >         > python-pyasn1, python-openssl, 
    python-pycparser, 
    >         >         python-crypto, 
    >         >         > python-pyrad, python-usb, 
    python-qrcode, 
    >         python-requests, 
    >         >         > python-sqlsoup, python-ecdsa, 
    python-lxml, 
    >         python-pandas, 
    >         >         > python-matplotlib 
    >         >         > Breaks: privacyidea (<< 2.0) 
    >         >         > Filename: 
    >         >         > 
    >         > 
    > 

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

    >         >         > Size: 1668282 
    >         >         > MD5sum: 
    33323220961aa83251d79fa768cf61a6 
    >         >         > SHA1: 
    a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         > SHA256: 
    >         >         > 
    >         > 
    > 
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         > Description-en: two-factor 
    authentication system 
    >         e.g. for 
    >         >         OTP devices 
    >         >         >  privacyIDEA: identity, multifactor 
    >         authentication, 
    >         >         authorization. 
    >         >         >  This package contains the python module 
    for 
    >         privacyIDEA. If 
    >         >         you want 
    >         >         >  to run it in a productive webserver you 
    might 
    >         want to 
    >         >         install 
    >         >         >  privacyidea-nginx or 
    privacyidea-apache2. 
    >         >         >  privacyIDEA is an open solution for 
    strong 
    >         two-factor 
    >         >         authentication. 
    >         >         >  privacyIDEA aims to not bind you to any 
    decision 
    >         of the 
    >         >         > authentication protocol 
    >         >         >  or it does not dictate you where your 
    user 
    >         information 
    >         >         should be 
    >         >         > stored. 
    >         >         >  This is achieved by its totally 
    modular 
    >         architecture. 
    >         >         >  privacyIDEA is not only open as far as 
    its 
    >         modular 
    >         >         architecture is 
    >         >         > concerned. 
    >         >         >  But privacyIDEA is completely licensed 
    under the 
    >         AGPLv3. 
    >         >         > Description-md5: 
    d83384f70b39fc92f22fd9110f628dd2 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 12:46:51 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Hi, 
    >         >         >         
    >         >         >         this behaviour was 
    changed/fixed/clarified 
    >         in 
    >         >         version 2.8. 
    >         >         > 
    >         > 
    > 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 03:29  0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > To be clear, the files do 
    exist in the 
    >         directory 
    >         >         so i am not 
    >         >         >         sure what 
    >         >         >         > is happening here. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at  12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         Hi there, 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         I use the following 
    setup: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Ubuntu 14.04 with 
    Privacyidea 
    >         2.7 from the 
    >         >         provided 
    >         >         >         repo. 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         When i set a system 
    wide policy 
    >         to set 
    >         >         the 
    >         >         >         default_token type 
    >         >         >         >         to email a user logs 
    in but 
    >         doesnt get the 
    >         >         default 
    >         >         >         token i 
    >         >         >         >         setup in the WebUI 
    policy: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64) 
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         > 
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64) 
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         > 
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Do you know what i 
    going wrong 
    >         here? 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI.CFG: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         import logging 
    >         >         >         >         # The realm, where 
    users are 
    >         allowed to 
    >         >         login as 
    >         >         >         >         administrators 
    >         >         >         >         SUPERUSER_REALM = 
    ['super'] 
    >         >         >         >         # Your database 
    >         >         >         > 
    #SQLALCHEMY_DATABASE_URI = 
    >         >         >         > 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         # This is used to 
    encrypt the 
    >         auth_token 
    >         >         >         >         #SECRET_KEY = 't0p 
    s3cr3t' 
    >         >         >         >         # This is used to 
    encrypt the 
    >         admin 
    >         >         passwords 
    >         >         >         >         #PI_PEPPER = "Never 
    know..." 
    >         >         >         >         # This is used to 
    encrypt the 
    >         token data 
    >         >         and token 
    >         >         >         passwords 
    >         >         >         >         PI_ENCFILE = 
    >         '/etc/privacyidea/enckey' 
    >         >         >         >         # This is used to sign 
    the audit 
    >         log 
    >         >         >         >         # This is the dummy 
    base class 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         > 
    'privacyidea.lib.auditmodules.base' 
    >         >         >         >         # This is the default 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         > 
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         # This is used to sign 
    the audit 
    >         log 
    >         >         >         >         PI_AUDIT_KEY_PRIVATE 
    = 
    >         >         >         '/etc/privacyidea/private.pem' 
    >         >         >         >         PI_AUDIT_KEY_PUBLIC = 
    >         >         '/etc/privacyidea/public.pem' 
    >         >         >         >         PI_LOGFILE = 
    >         >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         PI_LOGLEVEL = 
    logging.INFO 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CUSTOMIZATION = 
    "/" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CSS = 
    >         >         > 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI_PEPPER = 'changed' 
    >         >         >         >         SECRET_KEY = 
    'changed' 
    >         >         >         > 
    SQLALCHEMY_DATABASE_URI = 
    >         >         > 
    'mysql://pi:changed@localhost/pi' 
    >         >         >         > -- 
    >         >         >         > Please read the blog post 
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment 
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for 
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message 
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group 
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send 
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the 
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131 
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49 
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius 
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting 
    help 
    >         >         > 
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and 
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should 
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY, 
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         > 
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Understood for now i will test it on my test environment, any eta on this
being in the next stable release?

Kind Regards,
JohanOn Tuesday, June 14, 2016 at 3:26:44 PM UTC+2, Cornelius Kölbel wrote:

Hi Johan,

I am calling it “dev” because I do not want to take any responsibility
for these packages :wink:

I would not use it on a productive environment. The current packages
there are very likely no problem. But the repository can contain broken
packages next week.

Kind regards
Cornelius

Am Dienstag, den 14.06.2016, 06:11 -0700 schrieb jmdeking:

Thanks, is it save to use this dev-package for my production
environment?

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 2:59:35 PM UTC+2, Cornelius Kölbel wrote:
I just uploaded the source.
I will take a time for processing. The package privacyidea
2.13-dev1
will be available in may be half an hour.

    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 05:19 -0700 schrieb jmdeking: 
    > Great, if you can post the issue on github and fix this on 
    short 
    > notice would be really nice. Let me know if there is an 
    update. 
    > 
    > 
    > Our company is in the proces of reviewing your software and 
    if this 
    > satisfies our needs we are gonna buy a service contract for 
    sure :) 
    > 
    > 
    > Thanks for your time. 
    > 
    > 
    > Kind Regards, 
    > Johan 
    > 
    > On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius  Kölbel wrote: 
    >         Hello JM, 
    >         
    >         thanks a lot for sending the detailed policy 
    definition, this 
    >         helps a 
    >         lot. 
    >         
    >         I can confirm this being a bug in the UI. The server 
    provides 
    >         all 
    >         information correct to the UI (default_tokentype and 
    list of 
    >         enrollable 
    >         tokens). 
    >         
    >         If you wish to, you can open an issue at 
    >         https://github.com/privacyidea/privacyidea/issues or 
    I will do 
    >         so later. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb 
    jmdeking: 
    >         > There is no conflicting policy: 
    >         > 
    >         > 
    >         > Please have a look below: 
    >         > --------------------------------------------- 
    >         > Policy Configuration 
    >         > -------------------- 
    >         > Policies define the behaviour of privacyIDEA. 
    >         > To learn more about policies read [#policies]_. 
    >         > 
    >         > 
    >         > The following policies are defined in your 
    system: 
    >         > 
    >         > 
    >         > test 
    >         > ~~~~~~~~~~~~~~~~~ 
    >         > 
    >         > 
    >         > user: **[]** 
    >         > 
    >         > 
    >         > resolver: **[]** 
    >         > 
    >         > 
    >         > active: **True** 
    >         > 
    >         > 
    >         > adminrealm: **[]** 
    >         > 
    >         > 
    >         > condition: **0** 
    >         > 
    >         > 
    >         > realm: **[u'defrealm']** 
    >         > 
    >         > 
    >         > client: **[]** 
    >         > 
    >         > 
    >         > time: **** 
    >         > 
    >         > 
    >         > action: **{u'default_tokentype': u'email'}** 
    >         > 
    >         > 
    >         > scope: **webui** 
    >         > 
    >         > 
    >         > user 
    >         > ~~~~~~~~~~~~~~~~~ 
    >         > 
    >         > 
    >         > user: **[]** 
    >         > 
    >         > 
    >         > resolver: **[]** 
    >         > 
    >         > 
    >         > active: **True** 
    >         > 
    >         > 
    >         > adminrealm: **[]** 
    >         > 
    >         > 
    >         > condition: **0** 
    >         > 
    >         > 
    >         > realm: **[u'defrealm']** 
    >         > 
    >         > 
    >         > client: **[]** 
    >         > 
    >         > 
    >         > time: **** 
    >         > 
    >         > 
    >         > action: **{u'enrollSMS': True, u'enrollEMAIL': 
    True}** 
    >         > 
    >         > 
    >         > scope: **user** 
    >         > 
    >         > On Monday, June 13, 2016 at 9:40:04 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         Please take a closer look at your 
    policies. You 
    >         probably have 
    >         >         contradicting policies. If the user is not 
    allowed 
    >         to enroll 
    >         >         the token 
    >         >         type you define as default_tokentype 
    things will 
    >         happen, I do 
    >         >         not know. 
    >         >         
    >         >         You can go to Config->System->System 
    documentation 
    >         which will 
    >         >         output a 
    >         >         restructured text. You can paste the 
    section of 
    >         your 
    >         >         policies. 
    >         >         
    >         >         Starting at 
    >         >         
    >         >            Policy Configuration 
    >         >            -------------------- 
    >         >         
    >         >         Thanks. 
    >         >         
    >         >         Am Montag, den 13.06.2016, 05:53 -0700  schrieb 
    >         jmdeking: 
    >         >         > Action: 
    >         >         > I create a WebUI policy with the 
    setting 
    >         "default_tokentype" 
    >         >         to the 
    >         >         > value email or sms or whatever and 
    assign it to my 
    >         realm. 
    >         >         > 
    >         >         > 
    >         >         > Result: 
    >         >         > User logs in to webportal and when he 
    clicks 
    >         "Enroll Token" 
    >         >         the first 
    >         >         > option is sms. 
    >         >         > Above is good! Great! 
    >         >         > 
    >         >         > 
    >         >         > Problem: 
    >         >         > i also create a User policy with a 
    random setting 
    >         and assign 
    >         >         it to my 
    >         >         > realm. 
    >         >         > 
    >         >         > 
    >         >         > Problem: 
    >         >         > User logs io to webportal and when he 
    clicks 
    >         "Enroll token" 
    >         >         the first 
    >         >         > option is not sms, but another available 
    token 
    >         type. (in 
    >         >         this case 
    >         >         > email or totp) 
    >         >         > 
    >         >         > 
    >         >         > Question: What is going wrong? 
    >         >         > 
    >         >         > 
    >         >         > Things i have try'd to solve the 
    problem: 
    >         >         > - Reverted to ;last snapshot without 
    any 
    >         configuration and 
    >         >         after 
    >         >         > configuring the same result so no 
    success. 
    >         >         > - in the webui profile checked 
    everything off 
    >         except the 
    >         >         > "default_tokentype" alas no success. 
    >         >         > - in the user profile checked everything 
    off 
    >         except enroll 
    >         >         email and 
    >         >         > enroll sms but no success. 
    >         >         > ----------------- 
    >         >         > *** My Setup *** 
    >         >         > 
    >         >         > 
    >         >         > Privacyidea Version: 2.12.1 (from ubuntu 
    repo) 
    >         >         > 
    >         >         > 2x LDAP Backend in a realm. 
    >         >         > 
    >         >         > 
    >         >         > pi.cfg 
    >         >         > import logging 
    >         >         > # The realm, where users are allowed to 
    login as 
    >         >         administrators 
    >         >         > SUPERUSER_REALM = ['super'] 
    >         >         > # Your database 
    >         >         > #SQLALCHEMY_DATABASE_URI = 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         > # This is used to encrypt the 
    auth_token 
    >         >         > #SECRET_KEY = 'changed' 
    >         >         > # This is used to encrypt the admin 
    passwords 
    >         >         > #PI_PEPPER = "Never know..." 
    >         >         > # This is used to encrypt the token data 
    and 
    >         token 
    >         >         passwords 
    >         >         > PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         >         > # This is used to sign the audit log 
    >         >         > # This is the dummy base class 
    >         >         > #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         > # This is the default 
    >         >         > #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         > # This is used to sign the audit log 
    >         >         > PI_AUDIT_KEY_PRIVATE = 
    >         '/etc/privacyidea/private.pem' 
    >         >         > PI_AUDIT_KEY_PUBLIC = 
    >         '/etc/privacyidea/public.pem' 
    >         >         > PI_LOGFILE = 
    >         '/var/log/privacyidea/privacyidea.log' 
    >         >         > PI_LOGLEVEL = logging.INFO 
    >         >         > 
    >         >         > 
    >         >         > PI_PEPPER = 'changed' 
    >         >         > SECRET_KEY = 'changed' 
    >         >         > SQLALCHEMY_DATABASE_URI = 
    >         'mysql://pi:changed@localhost/pi' 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > ssl_access.log when of i access the 
    "Enroll Token" 
    >         page. 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:01 
    +0200] 
    >         200 
    >         >         "GET /policy/ 
    >         >         > HTTP/1.1"  1741 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 
    +0200] 
    >         200 
    >         >         "POST /auth 
    >         >         > HTTP/1.1"  1816 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 
    +0200] 
    >         200 
    >         >         "GET /token/ 
    >         >         > HTTP/1.1"  854 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 
    +0200] 
    >         200 
    >         >         "GET /token/ 
    >         >         > HTTP/1.1"  854 "https://changedl/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 
    +0200] 
    >         404 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         > HTTP/1.1"  233 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 
    +0200] 
    >         200 
    >         >         "GET /auth/rights 
    >         >         > HTTP/1.1"  926 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:10 
    +0200] 
    >         404 
    >         >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         HTTP/1.1" 
    >         >         >  233 "https://changed/" "Mozilla/5.0 
    (X11; Linux 
    >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 
    +0200] 
    >         200 
    >         >         > "GET /radiusserver/ HTTP/1.1"  789 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 
    >         >         > (X11; Linux x86_64) AppleWebKit/537.36 
    (KHTML, 
    >         like Gecko) 
    >         >         Ubuntu 
    >         >         > Chromium/49.0.2623.108 
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 
    +0200] 
    >         200 
    >         >         "GET /system/ 
    >         >         > HTTP/1.1"  834 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 
    +0200] 
    >         200 
    >         >         "GET /caconnector/ 
    >         >         > HTTP/1.1"  789 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 2:00:52 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         My magic glass ball does not 
    work. 
    >         >         >         Please send more information, 
    what you 
    >         have 
    >         >         configured, what 
    >         >         >         you are 
    >         >         >         doing, what you are seeing and 
    what you 
    >         expect. 
    >         >         >         
    >         >         > 
    https://www.privacyidea.org/getting-help/ 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 04:06  0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > I think i am running the 
    latest 
    >         version. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > sudo apt-get install 
    python-privacyidea 
    >         >         >         > Pakketlijsten worden 
    ingelezen... Klaar 
    >         >         >         > Boom van vereisten wordt 
    opgebouwd 
    >           
    >         >         >         > De status informatie wordt 
    gelezen... 
    >         Klaar 
    >         >         >         > python-privacyidea is already 
    latest 
    >         version. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > sudo apt-cache show 
    python-privacyidea 
    >         >         >         > Package: python-privacyidea 
    >         >         >         > Priority: optional 
    >         >         >         > Section: python 
    >         >         >         > Installed-Size: 7811 
    >         >         >         > Maintainer: Cornelius Kölbel 
    < 
    >         >         >         > Architecture: all 
    >         >         >         > Version: 2.12.1-1trusty 
    >         >         >         > Replaces: privacyidea (<< 
    2.0) 
    >         >         >         > Depends: python (>= 2.7), 
    python (<< 
    >         2.8), 
    >         >         python:any (>= 
    >         >         >         > 2.7.1-0ubuntu2), 
    python-flask, 
    >         >         python-flask-migrate, 
    >         >         >         > python-flask-sqlalchemy, 
    >         python-flask-script, 
    >         >         >         python-jinja2, 
    >         >         >         > python-mako, 
    python-markupsafe, 
    >         python-pymysql, 
    >         >         >         python-pillow, 
    >         >         >         > python-pyjwt, python-yaml, 
    >         python-pygments, 
    >         >         >         python-sqlalchemy, 
    >         >         >         > python-werkzeug, alembic, 
    >         python-bcrypt, 
    >         >         python-bs4, 
    >         >         >         python-cffi, 
    >         >         >         > python-configobj, 
    python-docutils, 
    >         >         python-funcparserlib, 
    >         >         >         > python-itsdangerous, 
    python-ldap3, 
    >         >         python-netaddr, 
    >         >         >         python-passlib, 
    >         >         >         > python-pyasn1, 
    python-openssl, 
    >         python-pycparser, 
    >         >         >         python-crypto, 
    >         >         >         > python-pyrad, python-usb, 
    >         python-qrcode, 
    >         >         python-requests, 
    >         >         >         > python-sqlsoup, python-ecdsa, 
    >         python-lxml, 
    >         >         python-pandas, 
    >         >         >         > python-matplotlib 
    >         >         >         > Breaks: privacyidea (<< 2.0) 
    >         >         >         > Filename: 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

    >         >         >         > Size: 1668282 
    >         >         >         > MD5sum: 
    >         33323220961aa83251d79fa768cf61a6 
    >         >         >         > SHA1: 
    >         a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         >         > SHA256: 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         >         > Description-en: two-factor 
    >         authentication system 
    >         >         e.g. for 
    >         >         >         OTP devices 
    >         >         >         >  privacyIDEA: identity, 
    multifactor 
    >         >         authentication, 
    >         >         >         authorization. 
    >         >         >         >  This package contains the 
    python module 
    >         for 
    >         >         privacyIDEA. If 
    >         >         >         you want 
    >         >         >         >  to run it in a productive 
    webserver you 
    >         might 
    >         >         want to 
    >         >         >         install 
    >         >         >         >  privacyidea-nginx or 
    >         privacyidea-apache2. 
    >         >         >         >  privacyIDEA is an open 
    solution for 
    >         strong 
    >         >         two-factor 
    >         >         >         authentication. 
    >         >         >         >  privacyIDEA aims to not bind 
    you to any 
    >         decision 
    >         >         of the 
    >         >         >         > authentication protocol 
    >         >         >         >  or it does not dictate you 
    where your 
    >         user 
    >         >         information 
    >         >         >         should be 
    >         >         >         > stored. 
    >         >         >         >  This is achieved by its 
    totally 
    >         modular 
    >         >         architecture. 
    >         >         >         >  privacyIDEA is not only open 
    as far as 
    >         its 
    >         >         modular 
    >         >         >         architecture is 
    >         >         >         > concerned. 
    >         >         >         >  But privacyIDEA is completely 
    licensed 
    >         under the 
    >         >         AGPLv3. 
    >         >         >         > Description-md5: 
    >         d83384f70b39fc92f22fd9110f628dd2 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at  12:46:51 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         Hi, 
    >         >         >         >         
    >         >         >         >         this behaviour was 
    >         changed/fixed/clarified 
    >         >         in 
    >         >         >         version 2.8. 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    >         >         >         >         
    >         >         >         >         Kind regards 
    >         >         >         >         Cornelius 
    >         >         >         >         
    >         >         >         >         Am Montag, den  13.06.2016, 03:29  0700  schrieb 
    >         >         >         jmdeking: 
    >         >         >         >         > To be clear, the 
    files do 
    >         exist in the 
    >         >         directory 
    >         >         >         so i am not 
    >         >         >         >         sure what 
    >         >         >         >         > is happening here. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > On Monday, June 13,  2016 at  12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         >         Hi there, 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         I use the 
    following 
    >         setup: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         Ubuntu 14.04 
    with 
    >         Privacyidea 
    >         >         2.7 from the 
    >         >         >         provided 
    >         >         >         >         repo. 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         When i set a 
    system 
    >         wide policy 
    >         >         to set 
    >         >         >         the 
    >         >         >         >         default_token type 
    >         >         >         >         >         to email a 
    user logs 
    >         in but 
    >         >         doesnt get the 
    >         >         >         default 
    >         >         >         >         token i 
    >         >         >         >         >         setup in the 
    WebUI 
    >         policy: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         > 
    10.200.200.183 - - 
    >         >         [13/Jun/2016:12:20:55 
    >         >         >         +0200] 404 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         >         HTTP/1.1" 
     233 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         Linux 
    >         >         >         >         >         x86_64) 
    >         AppleWebKit/537.36 
    >         >         (KHTML, like 
    >         >         >         Gecko) 
    >         >         >         >         Ubuntu 
    >         >         >         >         > 
    >         Chromium/49.0.2623.108 
    >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         Safari/537.36" 
    >         >         >         >         > 
    10.200.200.183 - - 
    >         >         [13/Jun/2016:12:20:55 
    >         >         >         +0200] 404 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         >         HTTP/1.1" 
     233 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         Linux 
    >         >         >         >         >         x86_64) 
    >         AppleWebKit/537.36 
    >         >         (KHTML, like 
    >         >         >         Gecko) 
    >         >         >         >         Ubuntu 
    >         >         >         >         > 
    >         Chromium/49.0.2623.108 
    >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         Safari/537.36" 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         Do you know 
    what i 
    >         going wrong 
    >         >         here? 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         PI.CFG: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         import 
    logging 
    >         >         >         >         >         # The realm, 
    where 
    >         users are 
    >         >         allowed to 
    >         >         >         login as 
    >         >         >         >         > 
    administrators 
    >         >         >         >         > 
    SUPERUSER_REALM = 
    >         ['super'] 
    >         >         >         >         >         # Your 
    database 
    >         >         >         >         > 
    >         #SQLALCHEMY_DATABASE_URI = 
    >         >         >         >         > 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         >         # This is 
    used to 
    >         encrypt the 
    >         >         auth_token 
    >         >         >         >         >         #SECRET_KEY 
    = 't0p 
    >         s3cr3t' 
    >         >         >         >         >         # This is 
    used to 
    >         encrypt the 
    >         >         admin 
    >         >         >         passwords 
    >         >         >         >         >         #PI_PEPPER = 
    "Never 
    >         know..." 
    >         >         >         >         >         # This is 
    used to 
    >         encrypt the 
    >         >         token data 
    >         >         >         and token 
    >         >         >         >         passwords 
    >         >         >         >         >         PI_ENCFILE 
    = 
    >         >         '/etc/privacyidea/enckey' 
    >         >         >         >         >         # This is 
    used to sign 
    >         the audit 
    >         >         log 
    >         >         >         >         >         # This is 
    the dummy 
    >         base class 
    >         >         >         >         > 
    #PI_AUDIT_MODULE = 
    >         >         >         > 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         >         >         >         # This is 
    the default 
    >         >         >         >         > 
    #PI_AUDIT_MODULE = 
    >         >         >         > 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         >         # This is 
    used to sign 
    >         the audit 
    >         >         log 
    >         >         >         >         > 
    PI_AUDIT_KEY_PRIVATE 
    >         = 
    >         >         >         > 
    '/etc/privacyidea/private.pem' 
    >         >         >         >         > 
    PI_AUDIT_KEY_PUBLIC = 
    >         >         >         '/etc/privacyidea/public.pem' 
    >         >         >         >         >         PI_LOGFILE 
    = 
    >         >         > 
    '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         >         PI_LOGLEVEL 
    = 
    >         logging.INFO 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         > 
    #PI_CUSTOMIZATION = 
    >         "/" 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         #PI_CSS = 
    >         >         >         > 
    >         > 
    '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         PI_PEPPER = 
    'changed' 
    >         >         >         >         >         SECRET_KEY 
    = 
    >         'changed' 
    >         >         >         >         > 
    >         SQLALCHEMY_DATABASE_URI = 
    >         >         >         > 
    >         'mysql://pi:changed@localhost/pi' 
    >         >         >         >         > -- 
    >         >         >         >         > Please read the blog 
    post 
    >         about getting 
    >         >         help 
    >         >         >         >         > 
    >         > 
    https://www.privacyidea.org/getting-help/. 
    >         >         >         >         >   
    >         >         >         >         > For professional 
    services and 
    >         >         consultancy 
    >         >         >         regarding two 
    >         >         >         >         factor 
    >         >         >         >         > authentication 
    please visit 
    >         >         >         >         > 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >         >   
    >         >         >         >         > In an enterprise 
    environment 
    >         you should 
    >         >         get a 
    >         >         >         SERVICE LEVEL 
    >         >         >         >         AGREEMENT 
    >         >         >         >         > which suites your 
    needs for 
    >         SECURITY, 
    >         >         AVAILABILITY 
    >         >         >         and 
    >         >         >         >         LIABILITY: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         >         > --- 
    >         >         >         >         > You received this 
    message 
    >         because you 
    >         >         are 
    >         >         >         subscribed to the 
    >         >         >         >         Google 
    >         >         >         >         > Groups "privacyidea" 
    group. 
    >         >         >         >         > To unsubscribe from 
    this group 
    >         and stop 
    >         >         receiving 
    >         >         >         emails 
    >         >         >         >         from it, send 
    >         >         >         >         > an email to 
    >         >         privacyidea...@googlegroups.com. 
    >         >         >         >         > To post to this 
    group, send 
    >         email to 
    >         >         >         > 
    priva...@googlegroups.com. 
    >         >         >         >         > Visit this group at 
    >         >         >         > 
    >         > 
    https://groups.google.com/group/privacyidea. 
    >         >         >         >         > To view this 
    discussion on the 
    >         web 
    >         >         visit 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    >         >         >         >         > For more options, 
    visit 
    >         >         > 
    https://groups.google.com/d/optout. 
    >         >         >         >         
    >         >         >         >         -- 
    >         >         >         >         Cornelius Kölbel 
    >         >         >         > 
    corneliu...@netknights.it 
    >         >         >         >         +49 151 2960 1417 
    >         >         >         >         
    >         >         >         >         NetKnights GmbH 
    >         >         >         > 
    http://www.netknights.it 
    >         >         >         >         Landgraf-Karl-Str. 19, 
    34131 
    >         Kassel, 
    >         >         Germany 
    >         >         >         >         Tel: +49 561 3166797, 
    Fax: +49 
    >         561 
    >         >         3166798 
    >         >         >         >         
    >         >         >         >         Amtsgericht Kassel, 
    HRB 16405 
    >         >         >         >         Geschäftsführer: 
    Cornelius 
    >         Kölbel 
    >         >         >         >         
    >         >         >         >         
    >         >         >         > -- 
    >         >         >         > Please read the blog post 
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment 
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for 
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message 
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group 
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send 
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the 
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131 
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49 
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius 
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting 
    help 
    >         >         > 
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and 
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should 
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY, 
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         > 
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/33bf016a-6429-45ee-a9a7-7574f97e383c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Thanks i just replaced tokenControllers.js with your changed one on github,
works like a charm.On Tuesday, June 14, 2016 at 3:54:40 PM UTC+2, Cornelius Kölbel wrote:

Hi Johan,

we try to stick to the github milestones.
https://github.com/privacyidea/privacyidea/milestones

This would be end of June.

Kind regards
Cornelius

Am Dienstag, den 14.06.2016, 06:43 -0700 schrieb jmdeking:

Understood for now i will test it on my test environment, any eta on
this being in the next stable release?

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 3:26:44 PM UTC+2, Cornelius Kölbel wrote:
Hi Johan,

    I am calling it "dev" because I do not want to take any 
    responsibility 
    for these packages ;-) 
    
    I would not use it on a productive environment. The current 
    packages 
    there are very likely no problem. But the repository can 
    contain broken 
    packages next week. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 06:11 -0700 schrieb jmdeking: 
    > Thanks, is it save to use this dev-package for my 
    production 
    > environment? 
    > 
    > 
    > Kind Regards, 
    > Johan 
    > 
    > On Tuesday, June 14, 2016 at 2:59:35 PM UTC+2, Cornelius  Kölbel wrote: 
    >         I just uploaded the source. 
    >         I will take a time for processing. The package 
    privacyidea 
    >         2.13-dev1 
    >         will be available in may be half an hour. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Dienstag, den 14.06.2016, 05:19 -0700 schrieb 
    jmdeking: 
    >         > Great, if you can post the issue on github and fix 
    this on 
    >         short 
    >         > notice would be really nice. Let me know if there 
    is an 
    >         update. 
    >         > 
    >         > 
    >         > Our company is in the proces of reviewing your 
    software and 
    >         if this 
    >         > satisfies our needs we are gonna buy a service 
    contract for 
    >         sure :) 
    >         > 
    >         > 
    >         > Thanks for your time. 
    >         > 
    >         > 
    >         > Kind Regards, 
    >         > Johan 
    >         > 
    >         > On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         Hello JM, 
    >         >         
    >         >         thanks a lot for sending the detailed 
    policy 
    >         definition, this 
    >         >         helps a 
    >         >         lot. 
    >         >         
    >         >         I can confirm this being a bug in the UI. 
    The server 
    >         provides 
    >         >         all 
    >         >         information correct to the UI 
    (default_tokentype and 
    >         list of 
    >         >         enrollable 
    >         >         tokens). 
    >         >         
    >         >         If you wish to, you can open an issue at 
    >         > 
    https://github.com/privacyidea/privacyidea/issues or 
    >         I will do 
    >         >         so later. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Dienstag, den 14.06.2016, 02:53 -0700  schrieb 
    >         jmdeking: 
    >         >         > There is no conflicting policy: 
    >         >         > 
    >         >         > 
    >         >         > Please have a look below: 
    >         >         > 
    --------------------------------------------- 
    >         >         > Policy Configuration 
    >         >         > -------------------- 
    >         >         > Policies define the behaviour of 
    privacyIDEA. 
    >         >         > To learn more about policies read 
    [#policies]_. 
    >         >         > 
    >         >         > 
    >         >         > The following policies are defined in 
    your 
    >         system: 
    >         >         > 
    >         >         > 
    >         >         > test 
    >         >         > ~~~~~~~~~~~~~~~~~ 
    >         >         > 
    >         >         > 
    >         >         > user: **[]** 
    >         >         > 
    >         >         > 
    >         >         > resolver: **[]** 
    >         >         > 
    >         >         > 
    >         >         > active: **True** 
    >         >         > 
    >         >         > 
    >         >         > adminrealm: **[]** 
    >         >         > 
    >         >         > 
    >         >         > condition: **0** 
    >         >         > 
    >         >         > 
    >         >         > realm: **[u'defrealm']** 
    >         >         > 
    >         >         > 
    >         >         > client: **[]** 
    >         >         > 
    >         >         > 
    >         >         > time: **** 
    >         >         > 
    >         >         > 
    >         >         > action: **{u'default_tokentype': 
    u'email'}** 
    >         >         > 
    >         >         > 
    >         >         > scope: **webui** 
    >         >         > 
    >         >         > 
    >         >         > user 
    >         >         > ~~~~~~~~~~~~~~~~~ 
    >         >         > 
    >         >         > 
    >         >         > user: **[]** 
    >         >         > 
    >         >         > 
    >         >         > resolver: **[]** 
    >         >         > 
    >         >         > 
    >         >         > active: **True** 
    >         >         > 
    >         >         > 
    >         >         > adminrealm: **[]** 
    >         >         > 
    >         >         > 
    >         >         > condition: **0** 
    >         >         > 
    >         >         > 
    >         >         > realm: **[u'defrealm']** 
    >         >         > 
    >         >         > 
    >         >         > client: **[]** 
    >         >         > 
    >         >         > 
    >         >         > time: **** 
    >         >         > 
    >         >         > 
    >         >         > action: **{u'enrollSMS': True, 
    u'enrollEMAIL': 
    >         True}** 
    >         >         > 
    >         >         > 
    >         >         > scope: **user** 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 9:40:04 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Please take a closer look at 
    your 
    >         policies. You 
    >         >         probably have 
    >         >         >         contradicting policies. If the 
    user is not 
    >         allowed 
    >         >         to enroll 
    >         >         >         the token 
    >         >         >         type you define as 
    default_tokentype 
    >         things will 
    >         >         happen, I do 
    >         >         >         not know. 
    >         >         >         
    >         >         >         You can go to 
    Config->System->System 
    >         documentation 
    >         >         which will 
    >         >         >         output a 
    >         >         >         restructured text. You can paste 
    the 
    >         section of 
    >         >         your 
    >         >         >         policies. 
    >         >         >         
    >         >         >         Starting at 
    >         >         >         
    >         >         >            Policy Configuration 
    >         >         >            -------------------- 
    >         >         >         
    >         >         >         Thanks. 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 05:53  0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > Action: 
    >         >         >         > I create a WebUI policy with 
    the 
    >         setting 
    >         >         "default_tokentype" 
    >         >         >         to the 
    >         >         >         > value email or sms or whatever 
    and 
    >         assign it to my 
    >         >         realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Result: 
    >         >         >         > User logs in to webportal and 
    when he 
    >         clicks 
    >         >         "Enroll Token" 
    >         >         >         the first 
    >         >         >         > option is sms. 
    >         >         >         > Above is good! Great! 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Problem: 
    >         >         >         > i also create a User policy 
    with a 
    >         random setting 
    >         >         and assign 
    >         >         >         it to my 
    >         >         >         > realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Problem: 
    >         >         >         > User logs io to webportal and 
    when he 
    >         clicks 
    >         >         "Enroll token" 
    >         >         >         the first 
    >         >         >         > option is not sms, but another 
    available 
    >         token 
    >         >         type. (in 
    >         >         >         this case 
    >         >         >         > email or totp) 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Question: What is going 
    wrong? 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Things i have try'd to solve 
    the 
    >         problem: 
    >         >         >         > - Reverted to ;last snapshot 
    without 
    >         any 
    >         >         configuration and 
    >         >         >         after 
    >         >         >         > configuring the same result so 
    no 
    >         success. 
    >         >         >         > - in the webui profile 
    checked 
    >         everything off 
    >         >         except the 
    >         >         >         > "default_tokentype" alas no 
    success. 
    >         >         >         > - in the user profile checked 
    everything 
    >         off 
    >         >         except enroll 
    >         >         >         email and 
    >         >         >         > enroll sms but no success. 
    >         >         >         > ----------------- 
    >         >         >         > *** My Setup *** 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Privacyidea Version: 2.12.1 
    (from ubuntu 
    >         repo) 
    >         >         >         > 
    >         >         >         > 2x LDAP Backend in a realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > pi.cfg 
    >         >         >         > import logging 
    >         >         >         > # The realm, where users are 
    allowed to 
    >         login as 
    >         >         >         administrators 
    >         >         >         > SUPERUSER_REALM = ['super'] 
    >         >         >         > # Your database 
    >         >         >         > #SQLALCHEMY_DATABASE_URI = 
    >         >         > 
    'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         > # This is used to encrypt the 
    >         auth_token 
    >         >         >         > #SECRET_KEY = 'changed' 
    >         >         >         > # This is used to encrypt the 
    admin 
    >         passwords 
    >         >         >         > #PI_PEPPER = "Never know..." 
    >         >         >         > # This is used to encrypt the 
    token data 
    >         and 
    >         >         token 
    >         >         >         passwords 
    >         >         >         > PI_ENCFILE = 
    '/etc/privacyidea/enckey' 
    >         >         >         > # This is used to sign the 
    audit log 
    >         >         >         > # This is the dummy base 
    class 
    >         >         >         > #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.base' 
    >         >         >         > # This is the default 
    >         >         >         > #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         > # This is used to sign the 
    audit log 
    >         >         >         > PI_AUDIT_KEY_PRIVATE = 
    >         >         '/etc/privacyidea/private.pem' 
    >         >         >         > PI_AUDIT_KEY_PUBLIC = 
    >         >         '/etc/privacyidea/public.pem' 
    >         >         >         > PI_LOGFILE = 
    >         >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         > PI_LOGLEVEL = logging.INFO 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > PI_PEPPER = 'changed' 
    >         >         >         > SECRET_KEY = 'changed' 
    >         >         >         > SQLALCHEMY_DATABASE_URI = 
    >         >         'mysql://pi:changed@localhost/pi' 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > ssl_access.log when of i 
    access the 
    >         "Enroll Token" 
    >         >         page. 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:01 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /policy/ 
    >         >         >         > HTTP/1.1"  1741 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "POST /auth 
    >         >         >         > HTTP/1.1"  1816 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /token/ 
    >         >         >         > HTTP/1.1"  854 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /token/ 
    >         >         >         > HTTP/1.1"  854 
    "https://changedl/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         404 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         > HTTP/1.1"  233 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /auth/rights 
    >         >         >         > HTTP/1.1"  926 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:10 
    >         +0200] 
    >         >         404 
    >         >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         HTTP/1.1" 
    >         >         >         >  233 "https://changed/" 
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         > "GET /radiusserver/ HTTP/1.1" 
     789 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 
    >         >         >         > (X11; Linux x86_64) 
    AppleWebKit/537.36 
    >         (KHTML, 
    >         >         like Gecko) 
    >         >         >         Ubuntu 
    >         >         >         > Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /system/ 
    >         >         >         > HTTP/1.1"  834 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - - 
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /caconnector/ 
    >         >         >         > HTTP/1.1"  789 
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML, 
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108 
    Safari/537.36" 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at  2:00:52 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         My magic glass ball 
    does not 
    >         work. 
    >         >         >         >         Please send more 
    information, 
    >         what you 
    >         >         have 
    >         >         >         configured, what 
    >         >         >         >         you are 
    >         >         >         >         doing, what you are 
    seeing and 
    >         what you 
    >         >         expect. 
    >         >         >         >         
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/ 
    >         >         >         >         
    >         >         >         >         Am Montag, den  13.06.2016, 04:06  0700  schrieb 
    >         >         >         jmdeking: 
    >         >         >         >         > I think i am running 
    the 
    >         latest 
    >         >         version. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > sudo apt-get 
    install 
    >         python-privacyidea 
    >         >         >         >         > Pakketlijsten 
    worden 
    >         ingelezen... Klaar 
    >         >         >         >         > Boom van vereisten 
    wordt 
    >         opgebouwd 
    >         >           
    >         >         >         >         > De status informatie 
    wordt 
    >         gelezen... 
    >         >         Klaar 
    >         >         >         >         > python-privacyidea 
    is already 
    >         latest 
    >         >         version. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > sudo apt-cache show 
    >         python-privacyidea 
    >         >         >         >         > Package: 
    python-privacyidea 
    >         >         >         >         > Priority: optional 
    >         >         >         >         > Section: python 
    >         >         >         >         > Installed-Size: 
    7811 
    >         >         >         >         > Maintainer: 
    Cornelius Kölbel 
    >         < 
    >         >         >         >         > Architecture: all 
    >         >         >         >         > Version: 
    2.12.1-1trusty 
    >         >         >         >         > Replaces: 
    privacyidea (<< 
    >         2.0) 
    >         >         >         >         > Depends: python (>= 
    2.7), 
    >         python (<< 
    >         >         2.8), 
    >         >         >         python:any (>= 
    >         >         >         >         > 2.7.1-0ubuntu2), 
    >         python-flask, 
    >         >         >         python-flask-migrate, 
    >         >         >         >         > 
    python-flask-sqlalchemy, 
    >         >         python-flask-script, 
    >         >         >         >         python-jinja2, 
    >         >         >         >         > python-mako, 
    >         python-markupsafe, 
    >         >         python-pymysql, 
    >         >         >         >         python-pillow, 
    >         >         >         >         > python-pyjwt, 
    python-yaml, 
    >         >         python-pygments, 
    >         >         >         >         python-sqlalchemy, 
    >         >         >         >         > python-werkzeug, 
    alembic, 
    >         >         python-bcrypt, 
    >         >         >         python-bs4, 
    >         >         >         >         python-cffi, 
    >         >         >         >         > python-configobj, 
    >         python-docutils, 
    >         >         >         python-funcparserlib, 
    >         >         >         >         > 
    python-itsdangerous, 
    >         python-ldap3, 
    >         >         >         python-netaddr, 
    >         >         >         >         python-passlib, 
    >         >         >         >         > python-pyasn1, 
    >         python-openssl, 
    >         >         python-pycparser, 
    >         >         >         >         python-crypto, 
    >         >         >         >         > python-pyrad, 
    python-usb, 
    >         >         python-qrcode, 
    >         >         >         python-requests, 
    >         >         >         >         > python-sqlsoup, 
    python-ecdsa, 
    >         >         python-lxml, 
    >         >         >         python-pandas, 
    >         >         >         >         > python-matplotlib 
    >         >         >         >         > Breaks: privacyidea 
    (<< 2.0) 
    >         >         >         >         > Filename: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

    >         >         >         >         > Size: 1668282 
    >         >         >         >         > MD5sum: 
    >         >         33323220961aa83251d79fa768cf61a6 
    >         >         >         >         > SHA1: 
    >         >         a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         >         >         > SHA256: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         >         >         > Description-en: 
    two-factor 
    >         >         authentication system 
    >         >         >         e.g. for 
    >         >         >         >         OTP devices 
    >         >         >         >         >  privacyIDEA: 
    identity, 
    >         multifactor 
    >         >         >         authentication, 
    >         >         >         >         authorization. 
    >         >         >         >         >  This package 
    contains the 
    >         python module 
    >         >         for 
    >         >         >         privacyIDEA. If 
    >         >         >         >         you want 
    >         >         >         >         >  to run it in a 
    productive 
    >         webserver you 
    >         >         might 
    >         >         >         want to 
    >         >         >         >         install 
    >         >         >         >         >  privacyidea-nginx 
    or 
    >         >         privacyidea-apache2. 
    >         >         >         >         >  privacyIDEA is an 
    open 
    >         solution for 
    >         >         strong 
    >         >         >         two-factor 
    >         >         >         >         authentication. 
    >         >         >         >         >  privacyIDEA aims to 
    not bind 
    >         you to any 
    >         >         decision 
    >         >         >         of the 
    >         >         >         >         > authentication 
    protocol 
    >         >         >         >         >  or it does not 
    dictate you 
    >         where your 
    >         >         user 
    >         >         >         information 
    >         >         >         >         should be 
    >         >         >         >         > stored. 
    >         >         >         >         >  This is achieved by 
    its 
    >         totally 
    >         >         modular 
    >         >         >         architecture. 
    >         >         >         >         >  privacyIDEA is not 
    only open 
    >         as far as 
    >         >         its 
    >         >         >         modular 
    >         >         >         >         architecture is 
    >         >         >         >         > concerned. 
    >         >         >         >         >  But privacyIDEA is 
    completely 
    >         licensed 
    >         >         under the 
    >         >         >         AGPLv3. 
    >         >         >         >         > Description-md5: 
    >         >         d83384f70b39fc92f22fd9110f628dd2 
    >         >         >         >         > 
    >         >         >         >         > On Monday, June 13,  2016 at  12:46:51 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         >         Hi, 
    >         >         >         >         >         
    >         >         >         >         >         this 
    behaviour was 
    >         >         changed/fixed/clarified 
    >         >         >         in 
    >         >         >         >         version 2.8. 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    >         >         >         >         >         
    >         >         >         >         >         Kind 
    regards 
    >         >         >         >         >         Cornelius 
    >         >         >         >         >         
    >         >         >         >         >         Am Montag,  den  13.06.2016, 03:29  0700  schrieb 
    >         >         >         >         jmdeking: 
    >         >         >         >         >         > To be 
    clear, the 
    >         files do 
    >         >         exist in the 
    >         >         >         directory 
    >         >         >         >         so i am not 
    >         >         >         >         >         sure what 
    >         >         >         >         >         > is 
    happening here. 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > On Monday,  June 13,  2016 at  12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         >         >         Hi 
    there, 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         I 
    use the 
    >         following 
    >         >         setup: 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         > 
    Ubuntu 14.04 
    >         with 
    >         >         Privacyidea 
    >         >         >         2.7 from the 
    >         >         >         >         provided 
    >         >         >         >         >         repo. 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         > 
    When i set a 
    >         system 
    >         >         wide policy 
    >         >         >         to set 
    >         >         >         >         the 
    >         >         >         >         > 
    default_token type 
    >         >         >         >         >         >         to 
    email a 
    >         user logs 
    >         >         in but 
    >         >         >         doesnt get the 
    >         >         >         >         default 
    >         >         >         >         >         token i 
    >         >         >         >         >         > 
    setup in the 
    >         WebUI 
    >         >         policy: 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         > 
    >         10.200.200.183 - - 
    >         >         >         [13/Jun/2016:12:20:55 
    >         >         >         >         +0200] 404 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         >         > 
    HTTP/1.1" 
    >          233 
    >         >         >         "https://changed/" 
    >         >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         >         Linux 
    >         >         >         >         >         > 
    x86_64) 
    >         >         AppleWebKit/537.36 
    >         >         >         (KHTML, like 
    >         >         >         >         Gecko) 
    >         >         >         >         >         Ubuntu 
    >         >         >         >         >         > 
    >         >         Chromium/49.0.2623.108 
    >         >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         > 
    Safari/537.36" 
    >         >         >         >         >         > 
    >         10.200.200.183 - - 
    >         >         >         [13/Jun/2016:12:20:55 
    >         >         >         >         +0200] 404 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >

Hello JM,

thanks a lot for sending the detailed policy definition, this helps a
lot.

I can confirm this being a bug in the UI. The server provides all
information correct to the UI (default_tokentype and list of enrollable
tokens).

If you wish to, you can open an issue at
https://github.com/privacyidea/privacyidea/issues or I will do so later.

Kind regards
CorneliusAm Dienstag, den 14.06.2016, 02:53 -0700 schrieb jmdeking:

There is no conflicting policy:

Please have a look below:

Policy Configuration

Policies define the behaviour of privacyIDEA.
To learn more about policies read [#policies]_.

The following policies are defined in your system:

test



user: **[]**


resolver: **[]**


active: **True**


adminrealm: **[]**


condition: **0**


realm: **[u'defrealm']**


client: **[]**


time: ****


action: **{u'default_tokentype': u'email'}**


scope: **webui**


user

user: []

resolver: []

active: True

adminrealm: []

condition: 0

realm: [u’defrealm’]

client: []

time: ****

action: {u’enrollSMS’: True, u’enrollEMAIL’: True}

scope: user

On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius Kölbel wrote:
Please take a closer look at your policies. You probably have
contradicting policies. If the user is not allowed to enroll
the token
type you define as default_tokentype things will happen, I do
not know.

    You can go to Config->System->System documentation which will
    output a 
    restructured text. You can paste the section of your
    policies. 
    
    Starting at 
    
       Policy Configuration 
       -------------------- 
    
    Thanks. 
    
    Am Montag, den 13.06.2016, 05:53 -0700 schrieb jmdeking: 
    > Action: 
    > I create a WebUI policy with the setting "default_tokentype"
    to the 
    > value email or sms or whatever and assign it to my realm. 
    > 
    > 
    > Result: 
    > User logs in to webportal and when he clicks "Enroll Token"
    the first 
    > option is sms. 
    > Above is good! Great! 
    > 
    > 
    > Problem: 
    > i also create a User policy with a random setting and assign
    it to my 
    > realm. 
    > 
    > 
    > Problem: 
    > User logs io to webportal and when he clicks "Enroll token"
    the first 
    > option is not sms, but another available token type. (in
    this case 
    > email or totp) 
    > 
    > 
    > Question: What is going wrong? 
    > 
    > 
    > Things i have try'd to solve the problem: 
    > - Reverted to ;last snapshot without any configuration and
    after 
    > configuring the same result so no success. 
    > - in the webui profile checked everything off except the 
    > "default_tokentype" alas no success. 
    > - in the user profile checked everything off except enroll
    email and 
    > enroll sms but no success. 
    > ----------------- 
    > *** My Setup *** 
    > 
    > 
    > Privacyidea Version: 2.12.1 (from ubuntu repo) 
    > 
    > 2x LDAP Backend in a realm. 
    > 
    > 
    > pi.cfg 
    > import logging 
    > # The realm, where users are allowed to login as
    administrators 
    > SUPERUSER_REALM = ['super'] 
    > # Your database 
    > #SQLALCHEMY_DATABASE_URI =
    'sqlite:////etc/privacyidea/data.sqlite' 
    > # This is used to encrypt the auth_token 
    > #SECRET_KEY = 'changed' 
    > # This is used to encrypt the admin passwords 
    > #PI_PEPPER = "Never know..." 
    > # This is used to encrypt the token data and token
    passwords 
    > PI_ENCFILE = '/etc/privacyidea/enckey' 
    > # This is used to sign the audit log 
    > # This is the dummy base class 
    > #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base' 
    > # This is the default 
    > #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit' 
    > # This is used to sign the audit log 
    > PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem' 
    > PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    > PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    > PI_LOGLEVEL = logging.INFO 
    > 
    > 
    > PI_PEPPER = 'changed' 
    > SECRET_KEY = 'changed' 
    > SQLALCHEMY_DATABASE_URI = 'mysql://pi:changed@localhost/pi' 
    > 
    > 
    > 
    > 
    > ssl_access.log when of i access the "Enroll Token" page. 
    > 10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200
    "GET /policy/ 
    > HTTP/1.1"  1741 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200
    "POST /auth 
    > HTTP/1.1"  1816 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200
    "GET /token/ 
    > HTTP/1.1"  854 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200
    "GET /token/ 
    > HTTP/1.1"  854 "https://changedl/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    > HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200
    "GET /auth/rights 
    > HTTP/1.1"  926 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404 
    > "GET /static/components/token/views/token.enrolled.sms.html
    HTTP/1.1" 
    >  233 "https://changed/" "Mozilla/5.0 (X11; Linux x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 
    > "GET /radiusserver/ HTTP/1.1"  789 "https://changed/"
    "Mozilla/5.0 
    > (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    > Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200
    "GET /system/ 
    > HTTP/1.1"  834 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200
    "GET /caconnector/ 
    > HTTP/1.1"  789 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 
    > On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius Kölbel wrote: 
    >         My magic glass ball does not work. 
    >         Please send more information, what you have
    configured, what 
    >         you are 
    >         doing, what you are seeing and what you expect. 
    >         
    >         https://www.privacyidea.org/getting-help/ 
    >         
    >         Am Montag, den 13.06.2016, 04:06 -0700 schrieb
    jmdeking: 
    >         > I think i am running the latest version. 
    >         > 
    >         > 
    >         > sudo apt-get install python-privacyidea 
    >         > Pakketlijsten worden ingelezen... Klaar 
    >         > Boom van vereisten wordt opgebouwd       
    >         > De status informatie wordt gelezen... Klaar 
    >         > python-privacyidea is already latest version. 
    >         > 
    >         > 
    >         > sudo apt-cache show python-privacyidea 
    >         > Package: python-privacyidea 
    >         > Priority: optional 
    >         > Section: python 
    >         > Installed-Size: 7811 
    >         > Maintainer: Cornelius Kölbel < 
    >         > Architecture: all 
    >         > Version: 2.12.1-1trusty 
    >         > Replaces: privacyidea (<< 2.0) 
    >         > Depends: python (>= 2.7), python (<< 2.8),
    python:any (>= 
    >         > 2.7.1-0ubuntu2), python-flask,
    python-flask-migrate, 
    >         > python-flask-sqlalchemy, python-flask-script, 
    >         python-jinja2, 
    >         > python-mako, python-markupsafe, python-pymysql, 
    >         python-pillow, 
    >         > python-pyjwt, python-yaml, python-pygments, 
    >         python-sqlalchemy, 
    >         > python-werkzeug, alembic, python-bcrypt,
    python-bs4, 
    >         python-cffi, 
    >         > python-configobj, python-docutils,
    python-funcparserlib, 
    >         > python-itsdangerous, python-ldap3,
    python-netaddr, 
    >         python-passlib, 
    >         > python-pyasn1, python-openssl, python-pycparser, 
    >         python-crypto, 
    >         > python-pyrad, python-usb, python-qrcode,
    python-requests, 
    >         > python-sqlsoup, python-ecdsa, python-lxml,
    python-pandas, 
    >         > python-matplotlib 
    >         > Breaks: privacyidea (<< 2.0) 
    >         > Filename: 
    >         > 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    >         > Size: 1668282 
    >         > MD5sum: 33323220961aa83251d79fa768cf61a6 
    >         > SHA1: a3e951809b8490c9b05931583bf9450d373b97ad 
    >         > SHA256: 
    >         > 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         > Description-en: two-factor authentication system
    e.g. for 
    >         OTP devices 
    >         >  privacyIDEA: identity, multifactor
    authentication, 
    >         authorization. 
    >         >  This package contains the python module for
    privacyIDEA. If 
    >         you want 
    >         >  to run it in a productive webserver you might
    want to 
    >         install 
    >         >  privacyidea-nginx or privacyidea-apache2. 
    >         >  privacyIDEA is an open solution for strong
    two-factor 
    >         authentication. 
    >         >  privacyIDEA aims to not bind you to any decision
    of the 
    >         > authentication protocol 
    >         >  or it does not dictate you where your user
    information 
    >         should be 
    >         > stored. 
    >         >  This is achieved by its totally modular
    architecture. 
    >         >  privacyIDEA is not only open as far as its
    modular 
    >         architecture is 
    >         > concerned. 
    >         >  But privacyIDEA is completely licensed under the
    AGPLv3. 
    >         > Description-md5: d83384f70b39fc92f22fd9110f628dd2 
    >         > 
    >         > On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius  Kölbel wrote: 
    >         >         Hi, 
    >         >         
    >         >         this behaviour was changed/fixed/clarified
    in 
    >         version 2.8. 
    >         > 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Montag, den 13.06.2016, 03:29 -0700 schrieb 
    >         jmdeking: 
    >         >         > To be clear, the files do exist in the
    directory 
    >         so i am not 
    >         >         sure what 
    >         >         > is happening here. 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 12:23:27 PM UTC+2,  jmdeking  wrote: 
    >         >         >         Hi there, 
    >         >         >         
    >         >         >         
    >         >         >         I use the following setup: 
    >         >         >         
    >         >         >         
    >         >         >         Ubuntu 14.04 with Privacyidea
    2.7 from the 
    >         provided 
    >         >         repo. 
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         When i set a system wide policy
    to set 
    >         the 
    >         >         default_token type 
    >         >         >         to email a user logs in but
    doesnt get the 
    >         default 
    >         >         token i 
    >         >         >         setup in the WebUI policy: 
    >         >         >         
    >         >         >         
    >         >         >         10.200.200.183 - -
    [13/Jun/2016:12:20:55 
    >         +0200] 404 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         HTTP/1.1"  233
    "https://changed/" 
    >         "Mozilla/5.0 (X11; 
    >         >         Linux 
    >         >         >         x86_64) AppleWebKit/537.36
    (KHTML, like 
    >         Gecko) 
    >         >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         10.200.200.183 - -
    [13/Jun/2016:12:20:55 
    >         +0200] 404 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         HTTP/1.1"  233
    "https://changed/" 
    >         "Mozilla/5.0 (X11; 
    >         >         Linux 
    >         >         >         x86_64) AppleWebKit/537.36
    (KHTML, like 
    >         Gecko) 
    >         >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         
    >         >         >         
    >         >         >         Do you know what i going wrong
    here? 
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         PI.CFG: 
    >         >         >         
    >         >         >         
    >         >         >         import logging 
    >         >         >         # The realm, where users are
    allowed to 
    >         login as 
    >         >         >         administrators 
    >         >         >         SUPERUSER_REALM = ['super'] 
    >         >         >         # Your database 
    >         >         >         #SQLALCHEMY_DATABASE_URI = 
    >         >         >
    'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         # This is used to encrypt the
    auth_token 
    >         >         >         #SECRET_KEY = 't0p s3cr3t' 
    >         >         >         # This is used to encrypt the
    admin 
    >         passwords 
    >         >         >         #PI_PEPPER = "Never know..." 
    >         >         >         # This is used to encrypt the
    token data 
    >         and token 
    >         >         passwords 
    >         >         >         PI_ENCFILE =
    '/etc/privacyidea/enckey' 
    >         >         >         # This is used to sign the audit
    log 
    >         >         >         # This is the dummy base class 
    >         >         >         #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.base' 
    >         >         >         # This is the default 
    >         >         >         #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         # This is used to sign the audit
    log 
    >         >         >         PI_AUDIT_KEY_PRIVATE = 
    >         >         '/etc/privacyidea/private.pem' 
    >         >         >         PI_AUDIT_KEY_PUBLIC = 
    >         '/etc/privacyidea/public.pem' 
    >         >         >         PI_LOGFILE = 
    >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         PI_LOGLEVEL = logging.INFO 
    >         >         >         
    >         >         >         
    >         >         >         #PI_CUSTOMIZATION = "/" 
    >         >         >         
    >         >         >         
    >         >         >         #PI_CSS = 
    >         >
    '/static/customize/css/bootstrap-theme.css' 
    >         >         >         
    >         >         >         
    >         >         >         PI_PEPPER = 'changed' 
    >         >         >         SECRET_KEY = 'changed' 
    >         >         >         SQLALCHEMY_DATABASE_URI = 
    >         >         'mysql://pi:changed@localhost/pi' 
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hello Johan,

it is indeed a bug. If no HOTP token is contained in the allowed
tokentype list, you will see the behaviour. Very special!

However I fixed it.


Thanks again for being persistent :slight_smile:

You may take a look at it in the the development ppa repo:

ppa:privacyidea/privacyidea-dev

Kind regards
CorneliusAm Dienstag, den 14.06.2016, 05:19 -0700 schrieb jmdeking:

Great, if you can post the issue on github and fix this on short
notice would be really nice. Let me know if there is an update.

Our company is in the proces of reviewing your software and if this
satisfies our needs we are gonna buy a service contract for sure :slight_smile:

Thanks for your time.

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius Kölbel wrote:
Hello JM,

    thanks a lot for sending the detailed policy definition, this
    helps a 
    lot. 
    
    I can confirm this being a bug in the UI. The server provides
    all 
    information correct to the UI (default_tokentype and list of
    enrollable 
    tokens). 
    
    If you wish to, you can open an issue at 
    https://github.com/privacyidea/privacyidea/issues or I will do
    so later. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb jmdeking: 
    > There is no conflicting policy: 
    > 
    > 
    > Please have a look below: 
    > --------------------------------------------- 
    > Policy Configuration 
    > -------------------- 
    > Policies define the behaviour of privacyIDEA. 
    > To learn more about policies read [#policies]_. 
    > 
    > 
    > The following policies are defined in your system: 
    > 
    > 
    > test 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'default_tokentype': u'email'}** 
    > 
    > 
    > scope: **webui** 
    > 
    > 
    > user 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'enrollSMS': True, u'enrollEMAIL': True}** 
    > 
    > 
    > scope: **user** 
    > 
    > On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius Kölbel wrote: 
    >         Please take a closer look at your policies. You
    probably have 
    >         contradicting policies. If the user is not allowed
    to enroll 
    >         the token 
    >         type you define as default_tokentype things will
    happen, I do 
    >         not know. 
    >         
    >         You can go to Config->System->System documentation
    which will 
    >         output a 
    >         restructured text. You can paste the section of
    your 
    >         policies. 
    >         
    >         Starting at 
    >         
    >            Policy Configuration 
    >            -------------------- 
    >         
    >         Thanks. 
    >         
    >         Am Montag, den 13.06.2016, 05:53 -0700 schrieb
    jmdeking: 
    >         > Action: 
    >         > I create a WebUI policy with the setting
    "default_tokentype" 
    >         to the 
    >         > value email or sms or whatever and assign it to my
    realm. 
    >         > 
    >         > 
    >         > Result: 
    >         > User logs in to webportal and when he clicks
    "Enroll Token" 
    >         the first 
    >         > option is sms. 
    >         > Above is good! Great! 
    >         > 
    >         > 
    >         > Problem: 
    >         > i also create a User policy with a random setting
    and assign 
    >         it to my 
    >         > realm. 
    >         > 
    >         > 
    >         > Problem: 
    >         > User logs io to webportal and when he clicks
    "Enroll token" 
    >         the first 
    >         > option is not sms, but another available token
    type. (in 
    >         this case 
    >         > email or totp) 
    >         > 
    >         > 
    >         > Question: What is going wrong? 
    >         > 
    >         > 
    >         > Things i have try'd to solve the problem: 
    >         > - Reverted to ;last snapshot without any
    configuration and 
    >         after 
    >         > configuring the same result so no success. 
    >         > - in the webui profile checked everything off
    except the 
    >         > "default_tokentype" alas no success. 
    >         > - in the user profile checked everything off
    except enroll 
    >         email and 
    >         > enroll sms but no success. 
    >         > ----------------- 
    >         > *** My Setup *** 
    >         > 
    >         > 
    >         > Privacyidea Version: 2.12.1 (from ubuntu repo) 
    >         > 
    >         > 2x LDAP Backend in a realm. 
    >         > 
    >         > 
    >         > pi.cfg 
    >         > import logging 
    >         > # The realm, where users are allowed to login as 
    >         administrators 
    >         > SUPERUSER_REALM = ['super'] 
    >         > # Your database 
    >         > #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         > # This is used to encrypt the auth_token 
    >         > #SECRET_KEY = 'changed' 
    >         > # This is used to encrypt the admin passwords 
    >         > #PI_PEPPER = "Never know..." 
    >         > # This is used to encrypt the token data and
    token 
    >         passwords 
    >         > PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         > # This is used to sign the audit log 
    >         > # This is the dummy base class 
    >         > #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.base' 
    >         > # This is the default 
    >         > #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         > # This is used to sign the audit log 
    >         > PI_AUDIT_KEY_PRIVATE =
    '/etc/privacyidea/private.pem' 
    >         > PI_AUDIT_KEY_PUBLIC =
    '/etc/privacyidea/public.pem' 
    >         > PI_LOGFILE =
    '/var/log/privacyidea/privacyidea.log' 
    >         > PI_LOGLEVEL = logging.INFO 
    >         > 
    >         > 
    >         > PI_PEPPER = 'changed' 
    >         > SECRET_KEY = 'changed' 
    >         > SQLALCHEMY_DATABASE_URI =
    'mysql://pi:changed@localhost/pi' 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > ssl_access.log when of i access the "Enroll Token"
    page. 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:01 +0200]
    200 
    >         "GET /policy/ 
    >         > HTTP/1.1"  1741 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "POST /auth 
    >         > HTTP/1.1"  1816 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changedl/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    404 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         > HTTP/1.1"  233 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /auth/rights 
    >         > HTTP/1.1"  926 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:10 +0200]
    404 
    >         >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1" 
    >         >  233 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         > "GET /radiusserver/ HTTP/1.1"  789
    "https://changed/" 
    >         "Mozilla/5.0 
    >         > (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         > Chromium/49.0.2623.108 Chrome/49.0.2623.108
    Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /system/ 
    >         > HTTP/1.1"  834 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /caconnector/ 
    >         > HTTP/1.1"  789 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 
    >         > On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius  Kölbel wrote: 
    >         >         My magic glass ball does not work. 
    >         >         Please send more information, what you
    have 
    >         configured, what 
    >         >         you are 
    >         >         doing, what you are seeing and what you
    expect. 
    >         >         
    >         >         https://www.privacyidea.org/getting-help/ 
    >         >         
    >         >         Am Montag, den 13.06.2016, 04:06 -0700 schrieb 
    >         jmdeking: 
    >         >         > I think i am running the latest
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-get install python-privacyidea 
    >         >         > Pakketlijsten worden ingelezen... Klaar 
    >         >         > Boom van vereisten wordt opgebouwd
      
    >         >         > De status informatie wordt gelezen...
    Klaar 
    >         >         > python-privacyidea is already latest
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-cache show python-privacyidea 
    >         >         > Package: python-privacyidea 
    >         >         > Priority: optional 
    >         >         > Section: python 
    >         >         > Installed-Size: 7811 
    >         >         > Maintainer: Cornelius Kölbel < 
    >         >         > Architecture: all 
    >         >         > Version: 2.12.1-1trusty 
    >         >         > Replaces: privacyidea (<< 2.0) 
    >         >         > Depends: python (>= 2.7), python (<<
    2.8), 
    >         python:any (>= 
    >         >         > 2.7.1-0ubuntu2), python-flask, 
    >         python-flask-migrate, 
    >         >         > python-flask-sqlalchemy,
    python-flask-script, 
    >         >         python-jinja2, 
    >         >         > python-mako, python-markupsafe,
    python-pymysql, 
    >         >         python-pillow, 
    >         >         > python-pyjwt, python-yaml,
    python-pygments, 
    >         >         python-sqlalchemy, 
    >         >         > python-werkzeug, alembic,
    python-bcrypt, 
    >         python-bs4, 
    >         >         python-cffi, 
    >         >         > python-configobj, python-docutils, 
    >         python-funcparserlib, 
    >         >         > python-itsdangerous, python-ldap3, 
    >         python-netaddr, 
    >         >         python-passlib, 
    >         >         > python-pyasn1, python-openssl,
    python-pycparser, 
    >         >         python-crypto, 
    >         >         > python-pyrad, python-usb,
    python-qrcode, 
    >         python-requests, 
    >         >         > python-sqlsoup, python-ecdsa,
    python-lxml, 
    >         python-pandas, 
    >         >         > python-matplotlib 
    >         >         > Breaks: privacyidea (<< 2.0) 
    >         >         > Filename: 
    >         >         > 
    >         > 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    >         >         > Size: 1668282 
    >         >         > MD5sum:
    33323220961aa83251d79fa768cf61a6 
    >         >         > SHA1:
    a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         > SHA256: 
    >         >         > 
    >         > 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         > Description-en: two-factor
    authentication system 
    >         e.g. for 
    >         >         OTP devices 
    >         >         >  privacyIDEA: identity, multifactor 
    >         authentication, 
    >         >         authorization. 
    >         >         >  This package contains the python module
    for 
    >         privacyIDEA. If 
    >         >         you want 
    >         >         >  to run it in a productive webserver you
    might 
    >         want to 
    >         >         install 
    >         >         >  privacyidea-nginx or
    privacyidea-apache2. 
    >         >         >  privacyIDEA is an open solution for
    strong 
    >         two-factor 
    >         >         authentication. 
    >         >         >  privacyIDEA aims to not bind you to any
    decision 
    >         of the 
    >         >         > authentication protocol 
    >         >         >  or it does not dictate you where your
    user 
    >         information 
    >         >         should be 
    >         >         > stored. 
    >         >         >  This is achieved by its totally
    modular 
    >         architecture. 
    >         >         >  privacyIDEA is not only open as far as
    its 
    >         modular 
    >         >         architecture is 
    >         >         > concerned. 
    >         >         >  But privacyIDEA is completely licensed
    under the 
    >         AGPLv3. 
    >         >         > Description-md5:
    d83384f70b39fc92f22fd9110f628dd2 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 12:46:51 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Hi, 
    >         >         >         
    >         >         >         this behaviour was
    changed/fixed/clarified 
    >         in 
    >         >         version 2.8. 
    >         >         > 
    >         > 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 03:29 0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > To be clear, the files do
    exist in the 
    >         directory 
    >         >         so i am not 
    >         >         >         sure what 
    >         >         >         > is happening here. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at 12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         Hi there, 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         I use the following
    setup: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Ubuntu 14.04 with
    Privacyidea 
    >         2.7 from the 
    >         >         provided 
    >         >         >         repo. 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         When i set a system
    wide policy 
    >         to set 
    >         >         the 
    >         >         >         default_token type 
    >         >         >         >         to email a user logs
    in but 
    >         doesnt get the 
    >         >         default 
    >         >         >         token i 
    >         >         >         >         setup in the WebUI
    policy: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64)
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         >
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64)
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         >
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Do you know what i
    going wrong 
    >         here? 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI.CFG: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         import logging 
    >         >         >         >         # The realm, where
    users are 
    >         allowed to 
    >         >         login as 
    >         >         >         >         administrators 
    >         >         >         >         SUPERUSER_REALM =
    ['super'] 
    >         >         >         >         # Your database 
    >         >         >         >
    #SQLALCHEMY_DATABASE_URI = 
    >         >         >         > 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         # This is used to
    encrypt the 
    >         auth_token 
    >         >         >         >         #SECRET_KEY = 't0p
    s3cr3t' 
    >         >         >         >         # This is used to
    encrypt the 
    >         admin 
    >         >         passwords 
    >         >         >         >         #PI_PEPPER = "Never
    know..." 
    >         >         >         >         # This is used to
    encrypt the 
    >         token data 
    >         >         and token 
    >         >         >         passwords 
    >         >         >         >         PI_ENCFILE = 
    >         '/etc/privacyidea/enckey' 
    >         >         >         >         # This is used to sign
    the audit 
    >         log 
    >         >         >         >         # This is the dummy
    base class 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         >
    'privacyidea.lib.auditmodules.base' 
    >         >         >         >         # This is the default 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         >
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         # This is used to sign
    the audit 
    >         log 
    >         >         >         >         PI_AUDIT_KEY_PRIVATE
    = 
    >         >         >         '/etc/privacyidea/private.pem' 
    >         >         >         >         PI_AUDIT_KEY_PUBLIC = 
    >         >         '/etc/privacyidea/public.pem' 
    >         >         >         >         PI_LOGFILE = 
    >         >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         PI_LOGLEVEL =
    logging.INFO 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CUSTOMIZATION =
    "/" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CSS = 
    >         >         > 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI_PEPPER = 'changed' 
    >         >         >         >         SECRET_KEY =
    'changed' 
    >         >         >         >
    SQLALCHEMY_DATABASE_URI = 
    >         >         >
    'mysql://pi:changed@localhost/pi' 
    >         >         >         > -- 
    >         >         >         > Please read the blog post
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi Johan,

I am calling it “dev” because I do not want to take any responsibility
for these packages :wink:

I would not use it on a productive environment. The current packages
there are very likely no problem. But the repository can contain broken
packages next week.

Kind regards
CorneliusAm Dienstag, den 14.06.2016, 06:11 -0700 schrieb jmdeking:

Thanks, is it save to use this dev-package for my production
environment?

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 2:59:35 PM UTC+2, Cornelius Kölbel wrote:
I just uploaded the source.
I will take a time for processing. The package privacyidea
2.13-dev1
will be available in may be half an hour.

    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 05:19 -0700 schrieb jmdeking: 
    > Great, if you can post the issue on github and fix this on
    short 
    > notice would be really nice. Let me know if there is an
    update. 
    > 
    > 
    > Our company is in the proces of reviewing your software and
    if this 
    > satisfies our needs we are gonna buy a service contract for
    sure :) 
    > 
    > 
    > Thanks for your time. 
    > 
    > 
    > Kind Regards, 
    > Johan 
    > 
    > On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius Kölbel wrote: 
    >         Hello JM, 
    >         
    >         thanks a lot for sending the detailed policy
    definition, this 
    >         helps a 
    >         lot. 
    >         
    >         I can confirm this being a bug in the UI. The server
    provides 
    >         all 
    >         information correct to the UI (default_tokentype and
    list of 
    >         enrollable 
    >         tokens). 
    >         
    >         If you wish to, you can open an issue at 
    >         https://github.com/privacyidea/privacyidea/issues or
    I will do 
    >         so later. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb
    jmdeking: 
    >         > There is no conflicting policy: 
    >         > 
    >         > 
    >         > Please have a look below: 
    >         > --------------------------------------------- 
    >         > Policy Configuration 
    >         > -------------------- 
    >         > Policies define the behaviour of privacyIDEA. 
    >         > To learn more about policies read [#policies]_. 
    >         > 
    >         > 
    >         > The following policies are defined in your
    system: 
    >         > 
    >         > 
    >         > test 
    >         > ~~~~~~~~~~~~~~~~~ 
    >         > 
    >         > 
    >         > user: **[]** 
    >         > 
    >         > 
    >         > resolver: **[]** 
    >         > 
    >         > 
    >         > active: **True** 
    >         > 
    >         > 
    >         > adminrealm: **[]** 
    >         > 
    >         > 
    >         > condition: **0** 
    >         > 
    >         > 
    >         > realm: **[u'defrealm']** 
    >         > 
    >         > 
    >         > client: **[]** 
    >         > 
    >         > 
    >         > time: **** 
    >         > 
    >         > 
    >         > action: **{u'default_tokentype': u'email'}** 
    >         > 
    >         > 
    >         > scope: **webui** 
    >         > 
    >         > 
    >         > user 
    >         > ~~~~~~~~~~~~~~~~~ 
    >         > 
    >         > 
    >         > user: **[]** 
    >         > 
    >         > 
    >         > resolver: **[]** 
    >         > 
    >         > 
    >         > active: **True** 
    >         > 
    >         > 
    >         > adminrealm: **[]** 
    >         > 
    >         > 
    >         > condition: **0** 
    >         > 
    >         > 
    >         > realm: **[u'defrealm']** 
    >         > 
    >         > 
    >         > client: **[]** 
    >         > 
    >         > 
    >         > time: **** 
    >         > 
    >         > 
    >         > action: **{u'enrollSMS': True, u'enrollEMAIL':
    True}** 
    >         > 
    >         > 
    >         > scope: **user** 
    >         > 
    >         > On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius  Kölbel wrote: 
    >         >         Please take a closer look at your
    policies. You 
    >         probably have 
    >         >         contradicting policies. If the user is not
    allowed 
    >         to enroll 
    >         >         the token 
    >         >         type you define as default_tokentype
    things will 
    >         happen, I do 
    >         >         not know. 
    >         >         
    >         >         You can go to Config->System->System
    documentation 
    >         which will 
    >         >         output a 
    >         >         restructured text. You can paste the
    section of 
    >         your 
    >         >         policies. 
    >         >         
    >         >         Starting at 
    >         >         
    >         >            Policy Configuration 
    >         >            -------------------- 
    >         >         
    >         >         Thanks. 
    >         >         
    >         >         Am Montag, den 13.06.2016, 05:53 -0700 schrieb 
    >         jmdeking: 
    >         >         > Action: 
    >         >         > I create a WebUI policy with the
    setting 
    >         "default_tokentype" 
    >         >         to the 
    >         >         > value email or sms or whatever and
    assign it to my 
    >         realm. 
    >         >         > 
    >         >         > 
    >         >         > Result: 
    >         >         > User logs in to webportal and when he
    clicks 
    >         "Enroll Token" 
    >         >         the first 
    >         >         > option is sms. 
    >         >         > Above is good! Great! 
    >         >         > 
    >         >         > 
    >         >         > Problem: 
    >         >         > i also create a User policy with a
    random setting 
    >         and assign 
    >         >         it to my 
    >         >         > realm. 
    >         >         > 
    >         >         > 
    >         >         > Problem: 
    >         >         > User logs io to webportal and when he
    clicks 
    >         "Enroll token" 
    >         >         the first 
    >         >         > option is not sms, but another available
    token 
    >         type. (in 
    >         >         this case 
    >         >         > email or totp) 
    >         >         > 
    >         >         > 
    >         >         > Question: What is going wrong? 
    >         >         > 
    >         >         > 
    >         >         > Things i have try'd to solve the
    problem: 
    >         >         > - Reverted to ;last snapshot without
    any 
    >         configuration and 
    >         >         after 
    >         >         > configuring the same result so no
    success. 
    >         >         > - in the webui profile checked
    everything off 
    >         except the 
    >         >         > "default_tokentype" alas no success. 
    >         >         > - in the user profile checked everything
    off 
    >         except enroll 
    >         >         email and 
    >         >         > enroll sms but no success. 
    >         >         > ----------------- 
    >         >         > *** My Setup *** 
    >         >         > 
    >         >         > 
    >         >         > Privacyidea Version: 2.12.1 (from ubuntu
    repo) 
    >         >         > 
    >         >         > 2x LDAP Backend in a realm. 
    >         >         > 
    >         >         > 
    >         >         > pi.cfg 
    >         >         > import logging 
    >         >         > # The realm, where users are allowed to
    login as 
    >         >         administrators 
    >         >         > SUPERUSER_REALM = ['super'] 
    >         >         > # Your database 
    >         >         > #SQLALCHEMY_DATABASE_URI = 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         > # This is used to encrypt the
    auth_token 
    >         >         > #SECRET_KEY = 'changed' 
    >         >         > # This is used to encrypt the admin
    passwords 
    >         >         > #PI_PEPPER = "Never know..." 
    >         >         > # This is used to encrypt the token data
    and 
    >         token 
    >         >         passwords 
    >         >         > PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         >         > # This is used to sign the audit log 
    >         >         > # This is the dummy base class 
    >         >         > #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         > # This is the default 
    >         >         > #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         > # This is used to sign the audit log 
    >         >         > PI_AUDIT_KEY_PRIVATE = 
    >         '/etc/privacyidea/private.pem' 
    >         >         > PI_AUDIT_KEY_PUBLIC = 
    >         '/etc/privacyidea/public.pem' 
    >         >         > PI_LOGFILE = 
    >         '/var/log/privacyidea/privacyidea.log' 
    >         >         > PI_LOGLEVEL = logging.INFO 
    >         >         > 
    >         >         > 
    >         >         > PI_PEPPER = 'changed' 
    >         >         > SECRET_KEY = 'changed' 
    >         >         > SQLALCHEMY_DATABASE_URI = 
    >         'mysql://pi:changed@localhost/pi' 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > ssl_access.log when of i access the
    "Enroll Token" 
    >         page. 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:01
    +0200] 
    >         200 
    >         >         "GET /policy/ 
    >         >         > HTTP/1.1"  1741 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07
    +0200] 
    >         200 
    >         >         "POST /auth 
    >         >         > HTTP/1.1"  1816 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07
    +0200] 
    >         200 
    >         >         "GET /token/ 
    >         >         > HTTP/1.1"  854 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:07
    +0200] 
    >         200 
    >         >         "GET /token/ 
    >         >         > HTTP/1.1"  854 "https://changedl/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09
    +0200] 
    >         404 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         > HTTP/1.1"  233 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09
    +0200] 
    >         200 
    >         >         "GET /auth/rights 
    >         >         > HTTP/1.1"  926 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:10
    +0200] 
    >         404 
    >         >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         HTTP/1.1" 
    >         >         >  233 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09
    +0200] 
    >         200 
    >         >         > "GET /radiusserver/ HTTP/1.1"  789 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 
    >         >         > (X11; Linux x86_64) AppleWebKit/537.36
    (KHTML, 
    >         like Gecko) 
    >         >         Ubuntu 
    >         >         > Chromium/49.0.2623.108
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09
    +0200] 
    >         200 
    >         >         "GET /system/ 
    >         >         > HTTP/1.1"  834 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 10.200.200.183 - - [06/Jun/2016:14:07:09
    +0200] 
    >         200 
    >         >         "GET /caconnector/ 
    >         >         > HTTP/1.1"  789 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         > AppleWebKit/537.36 (KHTML, like Gecko)
    Ubuntu 
    >         >         Chromium/49.0.2623.108 
    >         >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 2:00:52 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         My magic glass ball does not
    work. 
    >         >         >         Please send more information,
    what you 
    >         have 
    >         >         configured, what 
    >         >         >         you are 
    >         >         >         doing, what you are seeing and
    what you 
    >         expect. 
    >         >         >         
    >         >         >
    https://www.privacyidea.org/getting-help/ 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 04:06 0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > I think i am running the
    latest 
    >         version. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > sudo apt-get install
    python-privacyidea 
    >         >         >         > Pakketlijsten worden
    ingelezen... Klaar 
    >         >         >         > Boom van vereisten wordt
    opgebouwd 
    >           
    >         >         >         > De status informatie wordt
    gelezen... 
    >         Klaar 
    >         >         >         > python-privacyidea is already
    latest 
    >         version. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > sudo apt-cache show
    python-privacyidea 
    >         >         >         > Package: python-privacyidea 
    >         >         >         > Priority: optional 
    >         >         >         > Section: python 
    >         >         >         > Installed-Size: 7811 
    >         >         >         > Maintainer: Cornelius Kölbel
    < 
    >         >         >         > Architecture: all 
    >         >         >         > Version: 2.12.1-1trusty 
    >         >         >         > Replaces: privacyidea (<<
    2.0) 
    >         >         >         > Depends: python (>= 2.7),
    python (<< 
    >         2.8), 
    >         >         python:any (>= 
    >         >         >         > 2.7.1-0ubuntu2),
    python-flask, 
    >         >         python-flask-migrate, 
    >         >         >         > python-flask-sqlalchemy, 
    >         python-flask-script, 
    >         >         >         python-jinja2, 
    >         >         >         > python-mako,
    python-markupsafe, 
    >         python-pymysql, 
    >         >         >         python-pillow, 
    >         >         >         > python-pyjwt, python-yaml, 
    >         python-pygments, 
    >         >         >         python-sqlalchemy, 
    >         >         >         > python-werkzeug, alembic, 
    >         python-bcrypt, 
    >         >         python-bs4, 
    >         >         >         python-cffi, 
    >         >         >         > python-configobj,
    python-docutils, 
    >         >         python-funcparserlib, 
    >         >         >         > python-itsdangerous,
    python-ldap3, 
    >         >         python-netaddr, 
    >         >         >         python-passlib, 
    >         >         >         > python-pyasn1,
    python-openssl, 
    >         python-pycparser, 
    >         >         >         python-crypto, 
    >         >         >         > python-pyrad, python-usb, 
    >         python-qrcode, 
    >         >         python-requests, 
    >         >         >         > python-sqlsoup, python-ecdsa, 
    >         python-lxml, 
    >         >         python-pandas, 
    >         >         >         > python-matplotlib 
    >         >         >         > Breaks: privacyidea (<< 2.0) 
    >         >         >         > Filename: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    >         >         >         > Size: 1668282 
    >         >         >         > MD5sum: 
    >         33323220961aa83251d79fa768cf61a6 
    >         >         >         > SHA1: 
    >         a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         >         > SHA256: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         >         > Description-en: two-factor 
    >         authentication system 
    >         >         e.g. for 
    >         >         >         OTP devices 
    >         >         >         >  privacyIDEA: identity,
    multifactor 
    >         >         authentication, 
    >         >         >         authorization. 
    >         >         >         >  This package contains the
    python module 
    >         for 
    >         >         privacyIDEA. If 
    >         >         >         you want 
    >         >         >         >  to run it in a productive
    webserver you 
    >         might 
    >         >         want to 
    >         >         >         install 
    >         >         >         >  privacyidea-nginx or 
    >         privacyidea-apache2. 
    >         >         >         >  privacyIDEA is an open
    solution for 
    >         strong 
    >         >         two-factor 
    >         >         >         authentication. 
    >         >         >         >  privacyIDEA aims to not bind
    you to any 
    >         decision 
    >         >         of the 
    >         >         >         > authentication protocol 
    >         >         >         >  or it does not dictate you
    where your 
    >         user 
    >         >         information 
    >         >         >         should be 
    >         >         >         > stored. 
    >         >         >         >  This is achieved by its
    totally 
    >         modular 
    >         >         architecture. 
    >         >         >         >  privacyIDEA is not only open
    as far as 
    >         its 
    >         >         modular 
    >         >         >         architecture is 
    >         >         >         > concerned. 
    >         >         >         >  But privacyIDEA is completely
    licensed 
    >         under the 
    >         >         AGPLv3. 
    >         >         >         > Description-md5: 
    >         d83384f70b39fc92f22fd9110f628dd2 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at 12:46:51 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         Hi, 
    >         >         >         >         
    >         >         >         >         this behaviour was 
    >         changed/fixed/clarified 
    >         >         in 
    >         >         >         version 2.8. 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         >         >         >         
    >         >         >         >         Kind regards 
    >         >         >         >         Cornelius 
    >         >         >         >         
    >         >         >         >         Am Montag, den 13.06.2016, 03:29  0700  schrieb 
    >         >         >         jmdeking: 
    >         >         >         >         > To be clear, the
    files do 
    >         exist in the 
    >         >         directory 
    >         >         >         so i am not 
    >         >         >         >         sure what 
    >         >         >         >         > is happening here. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > On Monday, June 13, 2016 at  12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         >         Hi there, 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         I use the
    following 
    >         setup: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         Ubuntu 14.04
    with 
    >         Privacyidea 
    >         >         2.7 from the 
    >         >         >         provided 
    >         >         >         >         repo. 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         When i set a
    system 
    >         wide policy 
    >         >         to set 
    >         >         >         the 
    >         >         >         >         default_token type 
    >         >         >         >         >         to email a
    user logs 
    >         in but 
    >         >         doesnt get the 
    >         >         >         default 
    >         >         >         >         token i 
    >         >         >         >         >         setup in the
    WebUI 
    >         policy: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >
    10.200.200.183 - - 
    >         >         [13/Jun/2016:12:20:55 
    >         >         >         +0200] 404 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         >         HTTP/1.1"
     233 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         Linux 
    >         >         >         >         >         x86_64) 
    >         AppleWebKit/537.36 
    >         >         (KHTML, like 
    >         >         >         Gecko) 
    >         >         >         >         Ubuntu 
    >         >         >         >         > 
    >         Chromium/49.0.2623.108 
    >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         Safari/537.36" 
    >         >         >         >         >
    10.200.200.183 - - 
    >         >         [13/Jun/2016:12:20:55 
    >         >         >         +0200] 404 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         >         HTTP/1.1"
     233 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         Linux 
    >         >         >         >         >         x86_64) 
    >         AppleWebKit/537.36 
    >         >         (KHTML, like 
    >         >         >         Gecko) 
    >         >         >         >         Ubuntu 
    >         >         >         >         > 
    >         Chromium/49.0.2623.108 
    >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         Safari/537.36" 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         Do you know
    what i 
    >         going wrong 
    >         >         here? 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         PI.CFG: 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         import
    logging 
    >         >         >         >         >         # The realm,
    where 
    >         users are 
    >         >         allowed to 
    >         >         >         login as 
    >         >         >         >         >
    administrators 
    >         >         >         >         >
    SUPERUSER_REALM = 
    >         ['super'] 
    >         >         >         >         >         # Your
    database 
    >         >         >         >         > 
    >         #SQLALCHEMY_DATABASE_URI = 
    >         >         >         >         > 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         >         # This is
    used to 
    >         encrypt the 
    >         >         auth_token 
    >         >         >         >         >         #SECRET_KEY
    = 't0p 
    >         s3cr3t' 
    >         >         >         >         >         # This is
    used to 
    >         encrypt the 
    >         >         admin 
    >         >         >         passwords 
    >         >         >         >         >         #PI_PEPPER =
    "Never 
    >         know..." 
    >         >         >         >         >         # This is
    used to 
    >         encrypt the 
    >         >         token data 
    >         >         >         and token 
    >         >         >         >         passwords 
    >         >         >         >         >         PI_ENCFILE
    = 
    >         >         '/etc/privacyidea/enckey' 
    >         >         >         >         >         # This is
    used to sign 
    >         the audit 
    >         >         log 
    >         >         >         >         >         # This is
    the dummy 
    >         base class 
    >         >         >         >         >
    #PI_AUDIT_MODULE = 
    >         >         >         > 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         >         >         >         # This is
    the default 
    >         >         >         >         >
    #PI_AUDIT_MODULE = 
    >         >         >         > 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         >         # This is
    used to sign 
    >         the audit 
    >         >         log 
    >         >         >         >         >
    PI_AUDIT_KEY_PRIVATE 
    >         = 
    >         >         >         >
    '/etc/privacyidea/private.pem' 
    >         >         >         >         >
    PI_AUDIT_KEY_PUBLIC = 
    >         >         >         '/etc/privacyidea/public.pem' 
    >         >         >         >         >         PI_LOGFILE
    = 
    >         >         >
    '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         >         PI_LOGLEVEL
    = 
    >         logging.INFO 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >
    #PI_CUSTOMIZATION = 
    >         "/" 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         #PI_CSS = 
    >         >         >         > 
    >         >
    '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         >         PI_PEPPER =
    'changed' 
    >         >         >         >         >         SECRET_KEY
    = 
    >         'changed' 
    >         >         >         >         > 
    >         SQLALCHEMY_DATABASE_URI = 
    >         >         >         > 
    >         'mysql://pi:changed@localhost/pi' 
    >         >         >         >         > -- 
    >         >         >         >         > Please read the blog
    post 
    >         about getting 
    >         >         help 
    >         >         >         >         > 
    >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >         >         >   
    >         >         >         >         > For professional
    services and 
    >         >         consultancy 
    >         >         >         regarding two 
    >         >         >         >         factor 
    >         >         >         >         > authentication
    please visit 
    >         >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >         >   
    >         >         >         >         > In an enterprise
    environment 
    >         you should 
    >         >         get a 
    >         >         >         SERVICE LEVEL 
    >         >         >         >         AGREEMENT 
    >         >         >         >         > which suites your
    needs for 
    >         SECURITY, 
    >         >         AVAILABILITY 
    >         >         >         and 
    >         >         >         >         LIABILITY: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         >         > --- 
    >         >         >         >         > You received this
    message 
    >         because you 
    >         >         are 
    >         >         >         subscribed to the 
    >         >         >         >         Google 
    >         >         >         >         > Groups "privacyidea"
    group. 
    >         >         >         >         > To unsubscribe from
    this group 
    >         and stop 
    >         >         receiving 
    >         >         >         emails 
    >         >         >         >         from it, send 
    >         >         >         >         > an email to 
    >         >         privacyidea...@googlegroups.com. 
    >         >         >         >         > To post to this
    group, send 
    >         email to 
    >         >         >         >
    priva...@googlegroups.com. 
    >         >         >         >         > Visit this group at 
    >         >         >         > 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         >         >         > To view this
    discussion on the 
    >         web 
    >         >         visit 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         >         >         >         > For more options,
    visit 
    >         >         >
    https://groups.google.com/d/optout. 
    >         >         >         >         
    >         >         >         >         -- 
    >         >         >         >         Cornelius Kölbel 
    >         >         >         >
    corneliu...@netknights.it 
    >         >         >         >         +49 151 2960 1417 
    >         >         >         >         
    >         >         >         >         NetKnights GmbH 
    >         >         >         >
    http://www.netknights.it 
    >         >         >         >         Landgraf-Karl-Str. 19,
    34131 
    >         Kassel, 
    >         >         Germany 
    >         >         >         >         Tel: +49 561 3166797,
    Fax: +49 
    >         561 
    >         >         3166798 
    >         >         >         >         
    >         >         >         >         Amtsgericht Kassel,
    HRB 16405 
    >         >         >         >         Geschäftsführer:
    Cornelius 
    >         Kölbel 
    >         >         >         >         
    >         >         >         >         
    >         >         >         > -- 
    >         >         >         > Please read the blog post
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/33bf016a-6429-45ee-a9a7-7574f97e383c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Great, if you can post the issue on github and fix this on short notice
would be really nice. Let me know if there is an update.

Our company is in the proces of reviewing your software and if this
satisfies our needs we are gonna buy a service contract for sure :slight_smile:

Thanks for your time.

Kind Regards,
JohanOn Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius Kölbel wrote:

Hello JM,

thanks a lot for sending the detailed policy definition, this helps a
lot.

I can confirm this being a bug in the UI. The server provides all
information correct to the UI (default_tokentype and list of enrollable
tokens).

If you wish to, you can open an issue at
https://github.com/privacyidea/privacyidea/issues or I will do so later.

Kind regards
Cornelius

Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb jmdeking:

There is no conflicting policy:

Please have a look below:

Policy Configuration

Policies define the behaviour of privacyIDEA.
To learn more about policies read [#policies]_.

The following policies are defined in your system:

test



user: **[]** 


resolver: **[]** 


active: **True** 


adminrealm: **[]** 


condition: **0** 


realm: **[u'defrealm']** 


client: **[]** 


time: **** 


action: **{u'default_tokentype': u'email'}** 


scope: **webui** 


user 

user: []

resolver: []

active: True

adminrealm: []

condition: 0

realm: [u’defrealm’]

client: []

time: ****

action: {u’enrollSMS’: True, u’enrollEMAIL’: True}

scope: user

On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius Kölbel wrote:
Please take a closer look at your policies. You probably have
contradicting policies. If the user is not allowed to enroll
the token
type you define as default_tokentype things will happen, I do
not know.

    You can go to Config->System->System documentation which will 
    output a 
    restructured text. You can paste the section of your 
    policies. 
    
    Starting at 
    
       Policy Configuration 
       -------------------- 
    
    Thanks. 
    
    Am Montag, den 13.06.2016, 05:53 -0700 schrieb jmdeking: 
    > Action: 
    > I create a WebUI policy with the setting "default_tokentype" 
    to the 
    > value email or sms or whatever and assign it to my realm. 
    > 
    > 
    > Result: 
    > User logs in to webportal and when he clicks "Enroll Token" 
    the first 
    > option is sms. 
    > Above is good! Great! 
    > 
    > 
    > Problem: 
    > i also create a User policy with a random setting and assign 
    it to my 
    > realm. 
    > 
    > 
    > Problem: 
    > User logs io to webportal and when he clicks "Enroll token" 
    the first 
    > option is not sms, but another available token type. (in 
    this case 
    > email or totp) 
    > 
    > 
    > Question: What is going wrong? 
    > 
    > 
    > Things i have try'd to solve the problem: 
    > - Reverted to ;last snapshot without any configuration and 
    after 
    > configuring the same result so no success. 
    > - in the webui profile checked everything off except the 
    > "default_tokentype" alas no success. 
    > - in the user profile checked everything off except enroll 
    email and 
    > enroll sms but no success. 
    > ----------------- 
    > *** My Setup *** 
    > 
    > 
    > Privacyidea Version: 2.12.1 (from ubuntu repo) 
    > 
    > 2x LDAP Backend in a realm. 
    > 
    > 
    > pi.cfg 
    > import logging 
    > # The realm, where users are allowed to login as 
    administrators 
    > SUPERUSER_REALM = ['super'] 
    > # Your database 
    > #SQLALCHEMY_DATABASE_URI = 
    'sqlite:////etc/privacyidea/data.sqlite' 
    > # This is used to encrypt the auth_token 
    > #SECRET_KEY = 'changed' 
    > # This is used to encrypt the admin passwords 
    > #PI_PEPPER = "Never know..." 
    > # This is used to encrypt the token data and token 
    passwords 
    > PI_ENCFILE = '/etc/privacyidea/enckey' 
    > # This is used to sign the audit log 
    > # This is the dummy base class 
    > #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base' 
    > # This is the default 
    > #PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit' 
    > # This is used to sign the audit log 
    > PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem' 
    > PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem' 
    > PI_LOGFILE = '/var/log/privacyidea/privacyidea.log' 
    > PI_LOGLEVEL = logging.INFO 
    > 
    > 
    > PI_PEPPER = 'changed' 
    > SECRET_KEY = 'changed' 
    > SQLALCHEMY_DATABASE_URI = 'mysql://pi:changed@localhost/pi' 
    > 
    > 
    > 
    > 
    > ssl_access.log when of i access the "Enroll Token" page. 
    > 10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200 
    "GET /policy/ 
    > HTTP/1.1"  1741 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 
    "POST /auth 
    > HTTP/1.1"  1816 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 
    "GET /token/ 
    > HTTP/1.1"  854 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 
    "GET /token/ 
    > HTTP/1.1"  854 "https://changedl/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    > HTTP/1.1"  233 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 
    "GET /auth/rights 
    > HTTP/1.1"  926 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404 
    > "GET /static/components/token/views/token.enrolled.sms.html 
    HTTP/1.1" 
    >  233 "https://changed/" "Mozilla/5.0 (X11; Linux x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 
    > "GET /radiusserver/ HTTP/1.1"  789 "https://changed/" 
    "Mozilla/5.0 
    > (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
    Ubuntu 
    > Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 
    "GET /system/ 
    > HTTP/1.1"  834 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 
    "GET /caconnector/ 
    > HTTP/1.1"  789 "https://changed/" "Mozilla/5.0 (X11; Linux 
    x86_64) 
    > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    Chromium/49.0.2623.108 
    > Chrome/49.0.2623.108 Safari/537.36" 
    > 
    > On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius  Kölbel wrote: 
    >         My magic glass ball does not work. 
    >         Please send more information, what you have 
    configured, what 
    >         you are 
    >         doing, what you are seeing and what you expect. 
    >         
    >         https://www.privacyidea.org/getting-help/ 
    >         
    >         Am Montag, den 13.06.2016, 04:06 -0700 schrieb 
    jmdeking: 
    >         > I think i am running the latest version. 
    >         > 
    >         > 
    >         > sudo apt-get install python-privacyidea 
    >         > Pakketlijsten worden ingelezen... Klaar 
    >         > Boom van vereisten wordt opgebouwd       
    >         > De status informatie wordt gelezen... Klaar 
    >         > python-privacyidea is already latest version. 
    >         > 
    >         > 
    >         > sudo apt-cache show python-privacyidea 
    >         > Package: python-privacyidea 
    >         > Priority: optional 
    >         > Section: python 
    >         > Installed-Size: 7811 
    >         > Maintainer: Cornelius Kölbel < 
    >         > Architecture: all 
    >         > Version: 2.12.1-1trusty 
    >         > Replaces: privacyidea (<< 2.0) 
    >         > Depends: python (>= 2.7), python (<< 2.8), 
    python:any (>= 
    >         > 2.7.1-0ubuntu2), python-flask, 
    python-flask-migrate, 
    >         > python-flask-sqlalchemy, python-flask-script, 
    >         python-jinja2, 
    >         > python-mako, python-markupsafe, python-pymysql, 
    >         python-pillow, 
    >         > python-pyjwt, python-yaml, python-pygments, 
    >         python-sqlalchemy, 
    >         > python-werkzeug, alembic, python-bcrypt, 
    python-bs4, 
    >         python-cffi, 
    >         > python-configobj, python-docutils, 
    python-funcparserlib, 
    >         > python-itsdangerous, python-ldap3, 
    python-netaddr, 
    >         python-passlib, 
    >         > python-pyasn1, python-openssl, python-pycparser, 
    >         python-crypto, 
    >         > python-pyrad, python-usb, python-qrcode, 
    python-requests, 
    >         > python-sqlsoup, python-ecdsa, python-lxml, 
    python-pandas, 
    >         > python-matplotlib 
    >         > Breaks: privacyidea (<< 2.0) 
    >         > Filename: 
    >         > 
    > 

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

    >         > Size: 1668282 
    >         > MD5sum: 33323220961aa83251d79fa768cf61a6 
    >         > SHA1: a3e951809b8490c9b05931583bf9450d373b97ad 
    >         > SHA256: 
    >         > 
    > 
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         > Description-en: two-factor authentication system 
    e.g. for 
    >         OTP devices 
    >         >  privacyIDEA: identity, multifactor 
    authentication, 
    >         authorization. 
    >         >  This package contains the python module for 
    privacyIDEA. If 
    >         you want 
    >         >  to run it in a productive webserver you might 
    want to 
    >         install 
    >         >  privacyidea-nginx or privacyidea-apache2. 
    >         >  privacyIDEA is an open solution for strong 
    two-factor 
    >         authentication. 
    >         >  privacyIDEA aims to not bind you to any decision 
    of the 
    >         > authentication protocol 
    >         >  or it does not dictate you where your user 
    information 
    >         should be 
    >         > stored. 
    >         >  This is achieved by its totally modular 
    architecture. 
    >         >  privacyIDEA is not only open as far as its 
    modular 
    >         architecture is 
    >         > concerned. 
    >         >  But privacyIDEA is completely licensed under the 
    AGPLv3. 
    >         > Description-md5: d83384f70b39fc92f22fd9110f628dd2 
    >         > 
    >         > On Monday, June 13, 2016 at 12:46:51 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         Hi, 
    >         >         
    >         >         this behaviour was changed/fixed/clarified 
    in 
    >         version 2.8. 
    >         > 
    > 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Montag, den 13.06.2016, 03:29 -0700  schrieb 
    >         jmdeking: 
    >         >         > To be clear, the files do exist in the 
    directory 
    >         so i am not 
    >         >         sure what 
    >         >         > is happening here. 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         Hi there, 
    >         >         >         
    >         >         >         
    >         >         >         I use the following setup: 
    >         >         >         
    >         >         >         
    >         >         >         Ubuntu 14.04 with Privacyidea 
    2.7 from the 
    >         provided 
    >         >         repo. 
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         When i set a system wide policy 
    to set 
    >         the 
    >         >         default_token type 
    >         >         >         to email a user logs in but 
    doesnt get the 
    >         default 
    >         >         token i 
    >         >         >         setup in the WebUI policy: 
    >         >         >         
    >         >         >         
    >         >         >         10.200.200.183 - - 
    [13/Jun/2016:12:20:55 
    >         +0200] 404 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         HTTP/1.1"  233 
    "https://changed/" 
    >         "Mozilla/5.0 (X11; 
    >         >         Linux 
    >         >         >         x86_64) AppleWebKit/537.36 
    (KHTML, like 
    >         Gecko) 
    >         >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         10.200.200.183 - - 
    [13/Jun/2016:12:20:55 
    >         +0200] 404 
    >         >         > 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         HTTP/1.1"  233 
    "https://changed/" 
    >         "Mozilla/5.0 (X11; 
    >         >         Linux 
    >         >         >         x86_64) AppleWebKit/537.36 
    (KHTML, like 
    >         Gecko) 
    >         >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         
    >         >         >         
    >         >         >         Do you know what i going wrong 
    here? 
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         
    >         >         >         PI.CFG: 
    >         >         >         
    >         >         >         
    >         >         >         import logging 
    >         >         >         # The realm, where users are 
    allowed to 
    >         login as 
    >         >         >         administrators 
    >         >         >         SUPERUSER_REALM = ['super'] 
    >         >         >         # Your database 
    >         >         >         #SQLALCHEMY_DATABASE_URI = 
    >         >         > 
    'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         # This is used to encrypt the 
    auth_token 
    >         >         >         #SECRET_KEY = 't0p s3cr3t' 
    >         >         >         # This is used to encrypt the 
    admin 
    >         passwords 
    >         >         >         #PI_PEPPER = "Never know..." 
    >         >         >         # This is used to encrypt the 
    token data 
    >         and token 
    >         >         passwords 
    >         >         >         PI_ENCFILE = 
    '/etc/privacyidea/enckey' 
    >         >         >         # This is used to sign the audit 
    log 
    >         >         >         # This is the dummy base class 
    >         >         >         #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.base' 
    >         >         >         # This is the default 
    >         >         >         #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         # This is used to sign the audit 
    log 
    >         >         >         PI_AUDIT_KEY_PRIVATE = 
    >         >         '/etc/privacyidea/private.pem' 
    >         >         >         PI_AUDIT_KEY_PUBLIC = 
    >         '/etc/privacyidea/public.pem' 
    >         >         >         PI_LOGFILE = 
    >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         PI_LOGLEVEL = logging.INFO 
    >         >         >         
    >         >         >         
    >         >         >         #PI_CUSTOMIZATION = "/" 
    >         >         >         
    >         >         >         
    >         >         >         #PI_CSS = 
    >         > 
    '/static/customize/css/bootstrap-theme.css' 
    >         >         >         
    >         >         >         
    >         >         >         PI_PEPPER = 'changed' 
    >         >         >         SECRET_KEY = 'changed' 
    >         >         >         SQLALCHEMY_DATABASE_URI = 
    >         >         'mysql://pi:changed@localhost/pi' 
    >         >         > -- 
    >         >         > Please read the blog post about getting 
    help 
    >         >         > 
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and 
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should 
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY, 
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         > 
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

I just uploaded the source.
I will take a time for processing. The package privacyidea 2.13-dev1
will be available in may be half an hour.

Kind regards
CorneliusAm Dienstag, den 14.06.2016, 05:19 -0700 schrieb jmdeking:

Great, if you can post the issue on github and fix this on short
notice would be really nice. Let me know if there is an update.

Our company is in the proces of reviewing your software and if this
satisfies our needs we are gonna buy a service contract for sure :slight_smile:

Thanks for your time.

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius Kölbel wrote:
Hello JM,

    thanks a lot for sending the detailed policy definition, this
    helps a 
    lot. 
    
    I can confirm this being a bug in the UI. The server provides
    all 
    information correct to the UI (default_tokentype and list of
    enrollable 
    tokens). 
    
    If you wish to, you can open an issue at 
    https://github.com/privacyidea/privacyidea/issues or I will do
    so later. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb jmdeking: 
    > There is no conflicting policy: 
    > 
    > 
    > Please have a look below: 
    > --------------------------------------------- 
    > Policy Configuration 
    > -------------------- 
    > Policies define the behaviour of privacyIDEA. 
    > To learn more about policies read [#policies]_. 
    > 
    > 
    > The following policies are defined in your system: 
    > 
    > 
    > test 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'default_tokentype': u'email'}** 
    > 
    > 
    > scope: **webui** 
    > 
    > 
    > user 
    > ~~~~~~~~~~~~~~~~~ 
    > 
    > 
    > user: **[]** 
    > 
    > 
    > resolver: **[]** 
    > 
    > 
    > active: **True** 
    > 
    > 
    > adminrealm: **[]** 
    > 
    > 
    > condition: **0** 
    > 
    > 
    > realm: **[u'defrealm']** 
    > 
    > 
    > client: **[]** 
    > 
    > 
    > time: **** 
    > 
    > 
    > action: **{u'enrollSMS': True, u'enrollEMAIL': True}** 
    > 
    > 
    > scope: **user** 
    > 
    > On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius Kölbel wrote: 
    >         Please take a closer look at your policies. You
    probably have 
    >         contradicting policies. If the user is not allowed
    to enroll 
    >         the token 
    >         type you define as default_tokentype things will
    happen, I do 
    >         not know. 
    >         
    >         You can go to Config->System->System documentation
    which will 
    >         output a 
    >         restructured text. You can paste the section of
    your 
    >         policies. 
    >         
    >         Starting at 
    >         
    >            Policy Configuration 
    >            -------------------- 
    >         
    >         Thanks. 
    >         
    >         Am Montag, den 13.06.2016, 05:53 -0700 schrieb
    jmdeking: 
    >         > Action: 
    >         > I create a WebUI policy with the setting
    "default_tokentype" 
    >         to the 
    >         > value email or sms or whatever and assign it to my
    realm. 
    >         > 
    >         > 
    >         > Result: 
    >         > User logs in to webportal and when he clicks
    "Enroll Token" 
    >         the first 
    >         > option is sms. 
    >         > Above is good! Great! 
    >         > 
    >         > 
    >         > Problem: 
    >         > i also create a User policy with a random setting
    and assign 
    >         it to my 
    >         > realm. 
    >         > 
    >         > 
    >         > Problem: 
    >         > User logs io to webportal and when he clicks
    "Enroll token" 
    >         the first 
    >         > option is not sms, but another available token
    type. (in 
    >         this case 
    >         > email or totp) 
    >         > 
    >         > 
    >         > Question: What is going wrong? 
    >         > 
    >         > 
    >         > Things i have try'd to solve the problem: 
    >         > - Reverted to ;last snapshot without any
    configuration and 
    >         after 
    >         > configuring the same result so no success. 
    >         > - in the webui profile checked everything off
    except the 
    >         > "default_tokentype" alas no success. 
    >         > - in the user profile checked everything off
    except enroll 
    >         email and 
    >         > enroll sms but no success. 
    >         > ----------------- 
    >         > *** My Setup *** 
    >         > 
    >         > 
    >         > Privacyidea Version: 2.12.1 (from ubuntu repo) 
    >         > 
    >         > 2x LDAP Backend in a realm. 
    >         > 
    >         > 
    >         > pi.cfg 
    >         > import logging 
    >         > # The realm, where users are allowed to login as 
    >         administrators 
    >         > SUPERUSER_REALM = ['super'] 
    >         > # Your database 
    >         > #SQLALCHEMY_DATABASE_URI = 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         > # This is used to encrypt the auth_token 
    >         > #SECRET_KEY = 'changed' 
    >         > # This is used to encrypt the admin passwords 
    >         > #PI_PEPPER = "Never know..." 
    >         > # This is used to encrypt the token data and
    token 
    >         passwords 
    >         > PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         > # This is used to sign the audit log 
    >         > # This is the dummy base class 
    >         > #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.base' 
    >         > # This is the default 
    >         > #PI_AUDIT_MODULE =
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         > # This is used to sign the audit log 
    >         > PI_AUDIT_KEY_PRIVATE =
    '/etc/privacyidea/private.pem' 
    >         > PI_AUDIT_KEY_PUBLIC =
    '/etc/privacyidea/public.pem' 
    >         > PI_LOGFILE =
    '/var/log/privacyidea/privacyidea.log' 
    >         > PI_LOGLEVEL = logging.INFO 
    >         > 
    >         > 
    >         > PI_PEPPER = 'changed' 
    >         > SECRET_KEY = 'changed' 
    >         > SQLALCHEMY_DATABASE_URI =
    'mysql://pi:changed@localhost/pi' 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > ssl_access.log when of i access the "Enroll Token"
    page. 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:01 +0200]
    200 
    >         "GET /policy/ 
    >         > HTTP/1.1"  1741 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "POST /auth 
    >         > HTTP/1.1"  1816 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:07 +0200]
    200 
    >         "GET /token/ 
    >         > HTTP/1.1"  854 "https://changedl/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    404 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         > HTTP/1.1"  233 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /auth/rights 
    >         > HTTP/1.1"  926 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:10 +0200]
    404 
    >         >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         HTTP/1.1" 
    >         >  233 "https://changed/" "Mozilla/5.0 (X11; Linux
    x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         > "GET /radiusserver/ HTTP/1.1"  789
    "https://changed/" 
    >         "Mozilla/5.0 
    >         > (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         > Chromium/49.0.2623.108 Chrome/49.0.2623.108
    Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /system/ 
    >         > HTTP/1.1"  834 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 10.200.200.183 - - [06/Jun/2016:14:07:09 +0200]
    200 
    >         "GET /caconnector/ 
    >         > HTTP/1.1"  789 "https://changed/" "Mozilla/5.0
    (X11; Linux 
    >         x86_64) 
    >         > AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu 
    >         Chromium/49.0.2623.108 
    >         > Chrome/49.0.2623.108 Safari/537.36" 
    >         > 
    >         > On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius  Kölbel wrote: 
    >         >         My magic glass ball does not work. 
    >         >         Please send more information, what you
    have 
    >         configured, what 
    >         >         you are 
    >         >         doing, what you are seeing and what you
    expect. 
    >         >         
    >         >         https://www.privacyidea.org/getting-help/ 
    >         >         
    >         >         Am Montag, den 13.06.2016, 04:06 -0700 schrieb 
    >         jmdeking: 
    >         >         > I think i am running the latest
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-get install python-privacyidea 
    >         >         > Pakketlijsten worden ingelezen... Klaar 
    >         >         > Boom van vereisten wordt opgebouwd
      
    >         >         > De status informatie wordt gelezen...
    Klaar 
    >         >         > python-privacyidea is already latest
    version. 
    >         >         > 
    >         >         > 
    >         >         > sudo apt-cache show python-privacyidea 
    >         >         > Package: python-privacyidea 
    >         >         > Priority: optional 
    >         >         > Section: python 
    >         >         > Installed-Size: 7811 
    >         >         > Maintainer: Cornelius Kölbel < 
    >         >         > Architecture: all 
    >         >         > Version: 2.12.1-1trusty 
    >         >         > Replaces: privacyidea (<< 2.0) 
    >         >         > Depends: python (>= 2.7), python (<<
    2.8), 
    >         python:any (>= 
    >         >         > 2.7.1-0ubuntu2), python-flask, 
    >         python-flask-migrate, 
    >         >         > python-flask-sqlalchemy,
    python-flask-script, 
    >         >         python-jinja2, 
    >         >         > python-mako, python-markupsafe,
    python-pymysql, 
    >         >         python-pillow, 
    >         >         > python-pyjwt, python-yaml,
    python-pygments, 
    >         >         python-sqlalchemy, 
    >         >         > python-werkzeug, alembic,
    python-bcrypt, 
    >         python-bs4, 
    >         >         python-cffi, 
    >         >         > python-configobj, python-docutils, 
    >         python-funcparserlib, 
    >         >         > python-itsdangerous, python-ldap3, 
    >         python-netaddr, 
    >         >         python-passlib, 
    >         >         > python-pyasn1, python-openssl,
    python-pycparser, 
    >         >         python-crypto, 
    >         >         > python-pyrad, python-usb,
    python-qrcode, 
    >         python-requests, 
    >         >         > python-sqlsoup, python-ecdsa,
    python-lxml, 
    >         python-pandas, 
    >         >         > python-matplotlib 
    >         >         > Breaks: privacyidea (<< 2.0) 
    >         >         > Filename: 
    >         >         > 
    >         > 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    >         >         > Size: 1668282 
    >         >         > MD5sum:
    33323220961aa83251d79fa768cf61a6 
    >         >         > SHA1:
    a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         > SHA256: 
    >         >         > 
    >         > 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         > Description-en: two-factor
    authentication system 
    >         e.g. for 
    >         >         OTP devices 
    >         >         >  privacyIDEA: identity, multifactor 
    >         authentication, 
    >         >         authorization. 
    >         >         >  This package contains the python module
    for 
    >         privacyIDEA. If 
    >         >         you want 
    >         >         >  to run it in a productive webserver you
    might 
    >         want to 
    >         >         install 
    >         >         >  privacyidea-nginx or
    privacyidea-apache2. 
    >         >         >  privacyIDEA is an open solution for
    strong 
    >         two-factor 
    >         >         authentication. 
    >         >         >  privacyIDEA aims to not bind you to any
    decision 
    >         of the 
    >         >         > authentication protocol 
    >         >         >  or it does not dictate you where your
    user 
    >         information 
    >         >         should be 
    >         >         > stored. 
    >         >         >  This is achieved by its totally
    modular 
    >         architecture. 
    >         >         >  privacyIDEA is not only open as far as
    its 
    >         modular 
    >         >         architecture is 
    >         >         > concerned. 
    >         >         >  But privacyIDEA is completely licensed
    under the 
    >         AGPLv3. 
    >         >         > Description-md5:
    d83384f70b39fc92f22fd9110f628dd2 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 12:46:51 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Hi, 
    >         >         >         
    >         >         >         this behaviour was
    changed/fixed/clarified 
    >         in 
    >         >         version 2.8. 
    >         >         > 
    >         > 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 03:29 0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > To be clear, the files do
    exist in the 
    >         directory 
    >         >         so i am not 
    >         >         >         sure what 
    >         >         >         > is happening here. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at 12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         Hi there, 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         I use the following
    setup: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Ubuntu 14.04 with
    Privacyidea 
    >         2.7 from the 
    >         >         provided 
    >         >         >         repo. 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         When i set a system
    wide policy 
    >         to set 
    >         >         the 
    >         >         >         default_token type 
    >         >         >         >         to email a user logs
    in but 
    >         doesnt get the 
    >         >         default 
    >         >         >         token i 
    >         >         >         >         setup in the WebUI
    policy: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64)
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         >
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         10.200.200.183 - - 
    >         [13/Jun/2016:12:20:55 
    >         >         +0200] 404 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         HTTP/1.1"  233 
    >         "https://changed/" 
    >         >         "Mozilla/5.0 (X11; 
    >         >         >         Linux 
    >         >         >         >         x86_64)
    AppleWebKit/537.36 
    >         (KHTML, like 
    >         >         Gecko) 
    >         >         >         Ubuntu 
    >         >         >         >
    Chromium/49.0.2623.108 
    >         >         Chrome/49.0.2623.108 
    >         >         >         Safari/537.36" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         Do you know what i
    going wrong 
    >         here? 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI.CFG: 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         import logging 
    >         >         >         >         # The realm, where
    users are 
    >         allowed to 
    >         >         login as 
    >         >         >         >         administrators 
    >         >         >         >         SUPERUSER_REALM =
    ['super'] 
    >         >         >         >         # Your database 
    >         >         >         >
    #SQLALCHEMY_DATABASE_URI = 
    >         >         >         > 
    >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         # This is used to
    encrypt the 
    >         auth_token 
    >         >         >         >         #SECRET_KEY = 't0p
    s3cr3t' 
    >         >         >         >         # This is used to
    encrypt the 
    >         admin 
    >         >         passwords 
    >         >         >         >         #PI_PEPPER = "Never
    know..." 
    >         >         >         >         # This is used to
    encrypt the 
    >         token data 
    >         >         and token 
    >         >         >         passwords 
    >         >         >         >         PI_ENCFILE = 
    >         '/etc/privacyidea/enckey' 
    >         >         >         >         # This is used to sign
    the audit 
    >         log 
    >         >         >         >         # This is the dummy
    base class 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         >
    'privacyidea.lib.auditmodules.base' 
    >         >         >         >         # This is the default 
    >         >         >         >         #PI_AUDIT_MODULE = 
    >         >         >
    'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         # This is used to sign
    the audit 
    >         log 
    >         >         >         >         PI_AUDIT_KEY_PRIVATE
    = 
    >         >         >         '/etc/privacyidea/private.pem' 
    >         >         >         >         PI_AUDIT_KEY_PUBLIC = 
    >         >         '/etc/privacyidea/public.pem' 
    >         >         >         >         PI_LOGFILE = 
    >         >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         PI_LOGLEVEL =
    logging.INFO 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CUSTOMIZATION =
    "/" 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         #PI_CSS = 
    >         >         > 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         
    >         >         >         >         
    >         >         >         >         PI_PEPPER = 'changed' 
    >         >         >         >         SECRET_KEY =
    'changed' 
    >         >         >         >
    SQLALCHEMY_DATABASE_URI = 
    >         >         >
    'mysql://pi:changed@localhost/pi' 
    >         >         >         > -- 
    >         >         >         > Please read the blog post
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

There is no conflicting policy:

Please have a look below:---------------------------------------------
Policy Configuration

Policies define the behaviour of privacyIDEA.
To learn more about policies read [#policies]_.

The following policies are defined in your system:

test


user: **[]**

resolver: **[]**

active: **True**

adminrealm: **[]**

condition: **0**

realm: **[u'defrealm']**

client: **[]**

time: ****

action: **{u'default_tokentype': u'email'}**

scope: **webui**

user

user: []

resolver: []

active: True

adminrealm: []

condition: 0

realm: [u’defrealm’]

client: []

time: ****

action: {u’enrollSMS’: True, u’enrollEMAIL’: True}

scope: user

On Monday, June 13, 2016 at 9:40:04 PM UTC+2, Cornelius Kölbel wrote:

Please take a closer look at your policies. You probably have
contradicting policies. If the user is not allowed to enroll the token
type you define as default_tokentype things will happen, I do not know.

You can go to Config->System->System documentation which will output a
restructured text. You can paste the section of your policies.

Starting at

Policy Configuration

Thanks.

Am Montag, den 13.06.2016, 05:53 -0700 schrieb jmdeking:

Action:
I create a WebUI policy with the setting “default_tokentype” to the
value email or sms or whatever and assign it to my realm.

Result:
User logs in to webportal and when he clicks “Enroll Token” the first
option is sms.
Above is good! Great!

Problem:
i also create a User policy with a random setting and assign it to my
realm.

Problem:
User logs io to webportal and when he clicks “Enroll token” the first
option is not sms, but another available token type. (in this case
email or totp)

Question: What is going wrong?

Things i have try’d to solve the problem:

  • Reverted to ;last snapshot without any configuration and after
    configuring the same result so no success.
  • in the webui profile checked everything off except the
    "default_tokentype" alas no success.
  • in the user profile checked everything off except enroll email and
    enroll sms but no success.

*** My Setup ***

Privacyidea Version: 2.12.1 (from ubuntu repo)

2x LDAP Backend in a realm.

pi.cfg
import logging

The realm, where users are allowed to login as administrators

SUPERUSER_REALM = [‘super’]

Your database

#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’

This is used to encrypt the auth_token

#SECRET_KEY = ‘changed’

This is used to encrypt the admin passwords

#PI_PEPPER = “Never know…”

This is used to encrypt the token data and token passwords

PI_ENCFILE = ‘/etc/privacyidea/enckey’

This is used to sign the audit log

This is the dummy base class

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’

This is the default

#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’

This is used to sign the audit log

PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem’
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO

PI_PEPPER = 'changed’
SECRET_KEY = 'changed’
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:changed@localhost/pi’

ssl_access.log when of i access the “Enroll Token” page.
10.200.200.183 - - [06/Jun/2016:14:07:01 +0200] 200 “GET /policy/
HTTP/1.1” 1741 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “POST /auth
HTTP/1.1” 1816 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “GET /token/
HTTP/1.1” 854 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:07 +0200] 200 “GET /token/
HTTP/1.1” 854 “https://changedl/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 404
"GET /static/components/token/views/token.enrolled.email.html
HTTP/1.1” 233 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /auth/rights
HTTP/1.1” 926 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:10 +0200] 404
"GET /static/components/token/views/token.enrolled.sms.html HTTP/1.1"
233 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200
"GET /radiusserver/ HTTP/1.1” 789 “https://changed/” "Mozilla/5.0
(X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu
Chromium/49.0.2623.108 Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /system/
HTTP/1.1” 834 “https://changed/” "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36"
10.200.200.183 - - [06/Jun/2016:14:07:09 +0200] 200 “GET /caconnector/
HTTP/1.1” 789 “https://changed/” “Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/49.0.2623.108
Chrome/49.0.2623.108 Safari/537.36”

On Monday, June 13, 2016 at 2:00:52 PM UTC+2, Cornelius Kölbel wrote:
My magic glass ball does not work.
Please send more information, what you have configured, what
you are
doing, what you are seeing and what you expect.

    https://www.privacyidea.org/getting-help/ 
    
    Am Montag, den 13.06.2016, 04:06 -0700 schrieb jmdeking: 
    > I think i am running the latest version. 
    > 
    > 
    > sudo apt-get install python-privacyidea 
    > Pakketlijsten worden ingelezen... Klaar 
    > Boom van vereisten wordt opgebouwd       
    > De status informatie wordt gelezen... Klaar 
    > python-privacyidea is already latest version. 
    > 
    > 
    > sudo apt-cache show python-privacyidea 
    > Package: python-privacyidea 
    > Priority: optional 
    > Section: python 
    > Installed-Size: 7811 
    > Maintainer: Cornelius Kölbel < 
    > Architecture: all 
    > Version: 2.12.1-1trusty 
    > Replaces: privacyidea (<< 2.0) 
    > Depends: python (>= 2.7), python (<< 2.8), python:any (>= 
    > 2.7.1-0ubuntu2), python-flask, python-flask-migrate, 
    > python-flask-sqlalchemy, python-flask-script, 
    python-jinja2, 
    > python-mako, python-markupsafe, python-pymysql, 
    python-pillow, 
    > python-pyjwt, python-yaml, python-pygments, 
    python-sqlalchemy, 
    > python-werkzeug, alembic, python-bcrypt, python-bs4, 
    python-cffi, 
    > python-configobj, python-docutils, python-funcparserlib, 
    > python-itsdangerous, python-ldap3, python-netaddr, 
    python-passlib, 
    > python-pyasn1, python-openssl, python-pycparser, 
    python-crypto, 
    > python-pyrad, python-usb, python-qrcode, python-requests, 
    > python-sqlsoup, python-ecdsa, python-lxml, python-pandas, 
    > python-matplotlib 
    > Breaks: privacyidea (<< 2.0) 
    > Filename: 
    > 

pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb

    > Size: 1668282 
    > MD5sum: 33323220961aa83251d79fa768cf61a6 
    > SHA1: a3e951809b8490c9b05931583bf9450d373b97ad 
    > SHA256: 
    > 
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    > Description-en: two-factor authentication system e.g. for 
    OTP devices 
    >  privacyIDEA: identity, multifactor authentication, 
    authorization. 
    >  This package contains the python module for privacyIDEA. If 
    you want 
    >  to run it in a productive webserver you might want to 
    install 
    >  privacyidea-nginx or privacyidea-apache2. 
    >  privacyIDEA is an open solution for strong two-factor 
    authentication. 
    >  privacyIDEA aims to not bind you to any decision of the 
    > authentication protocol 
    >  or it does not dictate you where your user information 
    should be 
    > stored. 
    >  This is achieved by its totally modular architecture. 
    >  privacyIDEA is not only open as far as its modular 
    architecture is 
    > concerned. 
    >  But privacyIDEA is completely licensed under the AGPLv3. 
    > Description-md5: d83384f70b39fc92f22fd9110f628dd2 
    > 
    > On Monday, June 13, 2016 at 12:46:51 PM UTC+2, Cornelius  Kölbel wrote: 
    >         Hi, 
    >         
    >         this behaviour was changed/fixed/clarified in 
    version 2.8. 
    > 

https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119

    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Montag, den 13.06.2016, 03:29 -0700 schrieb 
    jmdeking: 
    >         > To be clear, the files do exist in the directory 
    so i am not 
    >         sure what 
    >         > is happening here. 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > On Monday, June 13, 2016 at 12:23:27 PM UTC+2,  jmdeking  wrote: 
    >         >         Hi there, 
    >         >         
    >         >         
    >         >         I use the following setup: 
    >         >         
    >         >         
    >         >         Ubuntu 14.04 with Privacyidea 2.7 from the 
    provided 
    >         repo. 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         When i set a system wide policy to set 
    the 
    >         default_token type 
    >         >         to email a user logs in but doesnt get the 
    default 
    >         token i 
    >         >         setup in the WebUI policy: 
    >         >         
    >         >         
    >         >         10.200.200.183 - - [13/Jun/2016:12:20:55 
    +0200] 404 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         HTTP/1.1"  233 "https://changed/" 
    "Mozilla/5.0 (X11; 
    >         Linux 
    >         >         x86_64) AppleWebKit/537.36 (KHTML, like 
    Gecko) 
    >         Ubuntu 
    >         >         Chromium/49.0.2623.108 
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         10.200.200.183 - - [13/Jun/2016:12:20:55 
    +0200] 404 
    >         > 
    > 
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         HTTP/1.1"  233 "https://changed/" 
    "Mozilla/5.0 (X11; 
    >         Linux 
    >         >         x86_64) AppleWebKit/537.36 (KHTML, like 
    Gecko) 
    >         Ubuntu 
    >         >         Chromium/49.0.2623.108 
    Chrome/49.0.2623.108 
    >         Safari/537.36" 
    >         >         
    >         >         
    >         >         Do you know what i going wrong here? 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         PI.CFG: 
    >         >         
    >         >         
    >         >         import logging 
    >         >         # The realm, where users are allowed to 
    login as 
    >         >         administrators 
    >         >         SUPERUSER_REALM = ['super'] 
    >         >         # Your database 
    >         >         #SQLALCHEMY_DATABASE_URI = 
    >         >         'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         # This is used to encrypt the auth_token 
    >         >         #SECRET_KEY = 't0p s3cr3t' 
    >         >         # This is used to encrypt the admin 
    passwords 
    >         >         #PI_PEPPER = "Never know..." 
    >         >         # This is used to encrypt the token data 
    and token 
    >         passwords 
    >         >         PI_ENCFILE = '/etc/privacyidea/enckey' 
    >         >         # This is used to sign the audit log 
    >         >         # This is the dummy base class 
    >         >         #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.base' 
    >         >         # This is the default 
    >         >         #PI_AUDIT_MODULE = 
    >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         # This is used to sign the audit log 
    >         >         PI_AUDIT_KEY_PRIVATE = 
    >         '/etc/privacyidea/private.pem' 
    >         >         PI_AUDIT_KEY_PUBLIC = 
    '/etc/privacyidea/public.pem' 
    >         >         PI_LOGFILE = 
    '/var/log/privacyidea/privacyidea.log' 
    >         >         PI_LOGLEVEL = logging.INFO 
    >         >         
    >         >         
    >         >         #PI_CUSTOMIZATION = "/" 
    >         >         
    >         >         
    >         >         #PI_CSS = 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         
    >         >         
    >         >         PI_PEPPER = 'changed' 
    >         >         SECRET_KEY = 'changed' 
    >         >         SQLALCHEMY_DATABASE_URI = 
    >         'mysql://pi:changed@localhost/pi' 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Johan,

we try to stick to the github milestones.

This would be end of June.

Kind regards
CorneliusAm Dienstag, den 14.06.2016, 06:43 -0700 schrieb jmdeking:

Understood for now i will test it on my test environment, any eta on
this being in the next stable release?

Kind Regards,
Johan

On Tuesday, June 14, 2016 at 3:26:44 PM UTC+2, Cornelius Kölbel wrote:
Hi Johan,

    I am calling it "dev" because I do not want to take any
    responsibility 
    for these packages ;-) 
    
    I would not use it on a productive environment. The current
    packages 
    there are very likely no problem. But the repository can
    contain broken 
    packages next week. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 14.06.2016, 06:11 -0700 schrieb jmdeking: 
    > Thanks, is it save to use this dev-package for my
    production 
    > environment? 
    > 
    > 
    > Kind Regards, 
    > Johan 
    > 
    > On Tuesday, June 14, 2016 at 2:59:35 PM UTC+2, Cornelius Kölbel wrote: 
    >         I just uploaded the source. 
    >         I will take a time for processing. The package
    privacyidea 
    >         2.13-dev1 
    >         will be available in may be half an hour. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Dienstag, den 14.06.2016, 05:19 -0700 schrieb
    jmdeking: 
    >         > Great, if you can post the issue on github and fix
    this on 
    >         short 
    >         > notice would be really nice. Let me know if there
    is an 
    >         update. 
    >         > 
    >         > 
    >         > Our company is in the proces of reviewing your
    software and 
    >         if this 
    >         > satisfies our needs we are gonna buy a service
    contract for 
    >         sure :) 
    >         > 
    >         > 
    >         > Thanks for your time. 
    >         > 
    >         > 
    >         > Kind Regards, 
    >         > Johan 
    >         > 
    >         > On Tuesday, June 14, 2016 at 1:05:33 PM UTC+2, Cornelius  Kölbel wrote: 
    >         >         Hello JM, 
    >         >         
    >         >         thanks a lot for sending the detailed
    policy 
    >         definition, this 
    >         >         helps a 
    >         >         lot. 
    >         >         
    >         >         I can confirm this being a bug in the UI.
    The server 
    >         provides 
    >         >         all 
    >         >         information correct to the UI
    (default_tokentype and 
    >         list of 
    >         >         enrollable 
    >         >         tokens). 
    >         >         
    >         >         If you wish to, you can open an issue at 
    >         >
    https://github.com/privacyidea/privacyidea/issues or 
    >         I will do 
    >         >         so later. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Dienstag, den 14.06.2016, 02:53 -0700 schrieb 
    >         jmdeking: 
    >         >         > There is no conflicting policy: 
    >         >         > 
    >         >         > 
    >         >         > Please have a look below: 
    >         >         >
    --------------------------------------------- 
    >         >         > Policy Configuration 
    >         >         > -------------------- 
    >         >         > Policies define the behaviour of
    privacyIDEA. 
    >         >         > To learn more about policies read
    [#policies]_. 
    >         >         > 
    >         >         > 
    >         >         > The following policies are defined in
    your 
    >         system: 
    >         >         > 
    >         >         > 
    >         >         > test 
    >         >         > ~~~~~~~~~~~~~~~~~ 
    >         >         > 
    >         >         > 
    >         >         > user: **[]** 
    >         >         > 
    >         >         > 
    >         >         > resolver: **[]** 
    >         >         > 
    >         >         > 
    >         >         > active: **True** 
    >         >         > 
    >         >         > 
    >         >         > adminrealm: **[]** 
    >         >         > 
    >         >         > 
    >         >         > condition: **0** 
    >         >         > 
    >         >         > 
    >         >         > realm: **[u'defrealm']** 
    >         >         > 
    >         >         > 
    >         >         > client: **[]** 
    >         >         > 
    >         >         > 
    >         >         > time: **** 
    >         >         > 
    >         >         > 
    >         >         > action: **{u'default_tokentype':
    u'email'}** 
    >         >         > 
    >         >         > 
    >         >         > scope: **webui** 
    >         >         > 
    >         >         > 
    >         >         > user 
    >         >         > ~~~~~~~~~~~~~~~~~ 
    >         >         > 
    >         >         > 
    >         >         > user: **[]** 
    >         >         > 
    >         >         > 
    >         >         > resolver: **[]** 
    >         >         > 
    >         >         > 
    >         >         > active: **True** 
    >         >         > 
    >         >         > 
    >         >         > adminrealm: **[]** 
    >         >         > 
    >         >         > 
    >         >         > condition: **0** 
    >         >         > 
    >         >         > 
    >         >         > realm: **[u'defrealm']** 
    >         >         > 
    >         >         > 
    >         >         > client: **[]** 
    >         >         > 
    >         >         > 
    >         >         > time: **** 
    >         >         > 
    >         >         > 
    >         >         > action: **{u'enrollSMS': True,
    u'enrollEMAIL': 
    >         True}** 
    >         >         > 
    >         >         > 
    >         >         > scope: **user** 
    >         >         > 
    >         >         > On Monday, June 13, 2016 at 9:40:04 PM UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         Please take a closer look at
    your 
    >         policies. You 
    >         >         probably have 
    >         >         >         contradicting policies. If the
    user is not 
    >         allowed 
    >         >         to enroll 
    >         >         >         the token 
    >         >         >         type you define as
    default_tokentype 
    >         things will 
    >         >         happen, I do 
    >         >         >         not know. 
    >         >         >         
    >         >         >         You can go to
    Config->System->System 
    >         documentation 
    >         >         which will 
    >         >         >         output a 
    >         >         >         restructured text. You can paste
    the 
    >         section of 
    >         >         your 
    >         >         >         policies. 
    >         >         >         
    >         >         >         Starting at 
    >         >         >         
    >         >         >            Policy Configuration 
    >         >         >            -------------------- 
    >         >         >         
    >         >         >         Thanks. 
    >         >         >         
    >         >         >         Am Montag, den 13.06.2016, 05:53 0700  schrieb 
    >         >         jmdeking: 
    >         >         >         > Action: 
    >         >         >         > I create a WebUI policy with
    the 
    >         setting 
    >         >         "default_tokentype" 
    >         >         >         to the 
    >         >         >         > value email or sms or whatever
    and 
    >         assign it to my 
    >         >         realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Result: 
    >         >         >         > User logs in to webportal and
    when he 
    >         clicks 
    >         >         "Enroll Token" 
    >         >         >         the first 
    >         >         >         > option is sms. 
    >         >         >         > Above is good! Great! 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Problem: 
    >         >         >         > i also create a User policy
    with a 
    >         random setting 
    >         >         and assign 
    >         >         >         it to my 
    >         >         >         > realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Problem: 
    >         >         >         > User logs io to webportal and
    when he 
    >         clicks 
    >         >         "Enroll token" 
    >         >         >         the first 
    >         >         >         > option is not sms, but another
    available 
    >         token 
    >         >         type. (in 
    >         >         >         this case 
    >         >         >         > email or totp) 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Question: What is going
    wrong? 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Things i have try'd to solve
    the 
    >         problem: 
    >         >         >         > - Reverted to ;last snapshot
    without 
    >         any 
    >         >         configuration and 
    >         >         >         after 
    >         >         >         > configuring the same result so
    no 
    >         success. 
    >         >         >         > - in the webui profile
    checked 
    >         everything off 
    >         >         except the 
    >         >         >         > "default_tokentype" alas no
    success. 
    >         >         >         > - in the user profile checked
    everything 
    >         off 
    >         >         except enroll 
    >         >         >         email and 
    >         >         >         > enroll sms but no success. 
    >         >         >         > ----------------- 
    >         >         >         > *** My Setup *** 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > Privacyidea Version: 2.12.1
    (from ubuntu 
    >         repo) 
    >         >         >         > 
    >         >         >         > 2x LDAP Backend in a realm. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > pi.cfg 
    >         >         >         > import logging 
    >         >         >         > # The realm, where users are
    allowed to 
    >         login as 
    >         >         >         administrators 
    >         >         >         > SUPERUSER_REALM = ['super'] 
    >         >         >         > # Your database 
    >         >         >         > #SQLALCHEMY_DATABASE_URI = 
    >         >         >
    'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         > # This is used to encrypt the 
    >         auth_token 
    >         >         >         > #SECRET_KEY = 'changed' 
    >         >         >         > # This is used to encrypt the
    admin 
    >         passwords 
    >         >         >         > #PI_PEPPER = "Never know..." 
    >         >         >         > # This is used to encrypt the
    token data 
    >         and 
    >         >         token 
    >         >         >         passwords 
    >         >         >         > PI_ENCFILE =
    '/etc/privacyidea/enckey' 
    >         >         >         > # This is used to sign the
    audit log 
    >         >         >         > # This is the dummy base
    class 
    >         >         >         > #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.base' 
    >         >         >         > # This is the default 
    >         >         >         > #PI_AUDIT_MODULE = 
    >         >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         > # This is used to sign the
    audit log 
    >         >         >         > PI_AUDIT_KEY_PRIVATE = 
    >         >         '/etc/privacyidea/private.pem' 
    >         >         >         > PI_AUDIT_KEY_PUBLIC = 
    >         >         '/etc/privacyidea/public.pem' 
    >         >         >         > PI_LOGFILE = 
    >         >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         > PI_LOGLEVEL = logging.INFO 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > PI_PEPPER = 'changed' 
    >         >         >         > SECRET_KEY = 'changed' 
    >         >         >         > SQLALCHEMY_DATABASE_URI = 
    >         >         'mysql://pi:changed@localhost/pi' 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > 
    >         >         >         > ssl_access.log when of i
    access the 
    >         "Enroll Token" 
    >         >         page. 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:01 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /policy/ 
    >         >         >         > HTTP/1.1"  1741
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "POST /auth 
    >         >         >         > HTTP/1.1"  1816
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /token/ 
    >         >         >         > HTTP/1.1"  854
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:07 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /token/ 
    >         >         >         > HTTP/1.1"  854
    "https://changedl/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         404 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         > HTTP/1.1"  233
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /auth/rights 
    >         >         >         > HTTP/1.1"  926
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:10 
    >         +0200] 
    >         >         404 
    >         >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         HTTP/1.1" 
    >         >         >         >  233 "https://changed/"
    "Mozilla/5.0 
    >         (X11; Linux 
    >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         > "GET /radiusserver/ HTTP/1.1"
     789 
    >         >         "https://changed/" 
    >         >         >         "Mozilla/5.0 
    >         >         >         > (X11; Linux x86_64)
    AppleWebKit/537.36 
    >         (KHTML, 
    >         >         like Gecko) 
    >         >         >         Ubuntu 
    >         >         >         > Chromium/49.0.2623.108 
    >         Chrome/49.0.2623.108 
    >         >         Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /system/ 
    >         >         >         > HTTP/1.1"  834
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 10.200.200.183 - -
    [06/Jun/2016:14:07:09 
    >         +0200] 
    >         >         200 
    >         >         >         "GET /caconnector/ 
    >         >         >         > HTTP/1.1"  789
    "https://changed/" 
    >         "Mozilla/5.0 
    >         >         (X11; Linux 
    >         >         >         x86_64) 
    >         >         >         > AppleWebKit/537.36 (KHTML,
    like Gecko) 
    >         Ubuntu 
    >         >         >         Chromium/49.0.2623.108 
    >         >         >         > Chrome/49.0.2623.108
    Safari/537.36" 
    >         >         >         > 
    >         >         >         > On Monday, June 13, 2016 at 2:00:52 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         My magic glass ball
    does not 
    >         work. 
    >         >         >         >         Please send more
    information, 
    >         what you 
    >         >         have 
    >         >         >         configured, what 
    >         >         >         >         you are 
    >         >         >         >         doing, what you are
    seeing and 
    >         what you 
    >         >         expect. 
    >         >         >         >         
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/ 
    >         >         >         >         
    >         >         >         >         Am Montag, den 13.06.2016, 04:06  0700  schrieb 
    >         >         >         jmdeking: 
    >         >         >         >         > I think i am running
    the 
    >         latest 
    >         >         version. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > sudo apt-get
    install 
    >         python-privacyidea 
    >         >         >         >         > Pakketlijsten
    worden 
    >         ingelezen... Klaar 
    >         >         >         >         > Boom van vereisten
    wordt 
    >         opgebouwd 
    >         >           
    >         >         >         >         > De status informatie
    wordt 
    >         gelezen... 
    >         >         Klaar 
    >         >         >         >         > python-privacyidea
    is already 
    >         latest 
    >         >         version. 
    >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         >         > sudo apt-cache show 
    >         python-privacyidea 
    >         >         >         >         > Package:
    python-privacyidea 
    >         >         >         >         > Priority: optional 
    >         >         >         >         > Section: python 
    >         >         >         >         > Installed-Size:
    7811 
    >         >         >         >         > Maintainer:
    Cornelius Kölbel 
    >         < 
    >         >         >         >         > Architecture: all 
    >         >         >         >         > Version:
    2.12.1-1trusty 
    >         >         >         >         > Replaces:
    privacyidea (<< 
    >         2.0) 
    >         >         >         >         > Depends: python (>=
    2.7), 
    >         python (<< 
    >         >         2.8), 
    >         >         >         python:any (>= 
    >         >         >         >         > 2.7.1-0ubuntu2), 
    >         python-flask, 
    >         >         >         python-flask-migrate, 
    >         >         >         >         >
    python-flask-sqlalchemy, 
    >         >         python-flask-script, 
    >         >         >         >         python-jinja2, 
    >         >         >         >         > python-mako, 
    >         python-markupsafe, 
    >         >         python-pymysql, 
    >         >         >         >         python-pillow, 
    >         >         >         >         > python-pyjwt,
    python-yaml, 
    >         >         python-pygments, 
    >         >         >         >         python-sqlalchemy, 
    >         >         >         >         > python-werkzeug,
    alembic, 
    >         >         python-bcrypt, 
    >         >         >         python-bs4, 
    >         >         >         >         python-cffi, 
    >         >         >         >         > python-configobj, 
    >         python-docutils, 
    >         >         >         python-funcparserlib, 
    >         >         >         >         >
    python-itsdangerous, 
    >         python-ldap3, 
    >         >         >         python-netaddr, 
    >         >         >         >         python-passlib, 
    >         >         >         >         > python-pyasn1, 
    >         python-openssl, 
    >         >         python-pycparser, 
    >         >         >         >         python-crypto, 
    >         >         >         >         > python-pyrad,
    python-usb, 
    >         >         python-qrcode, 
    >         >         >         python-requests, 
    >         >         >         >         > python-sqlsoup,
    python-ecdsa, 
    >         >         python-lxml, 
    >         >         >         python-pandas, 
    >         >         >         >         > python-matplotlib 
    >         >         >         >         > Breaks: privacyidea
    (<< 2.0) 
    >         >         >         >         > Filename: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    pool/main/p/python-privacyidea/python-privacyidea_2.12.1-1trusty_all.deb 
    >         >         >         >         > Size: 1668282 
    >         >         >         >         > MD5sum: 
    >         >         33323220961aa83251d79fa768cf61a6 
    >         >         >         >         > SHA1: 
    >         >         a3e951809b8490c9b05931583bf9450d373b97ad 
    >         >         >         >         > SHA256: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    d511d991903ac319b3d72cff34435cb8da7aff12adacbfb54e36635a448f747e 
    >         >         >         >         > Description-en:
    two-factor 
    >         >         authentication system 
    >         >         >         e.g. for 
    >         >         >         >         OTP devices 
    >         >         >         >         >  privacyIDEA:
    identity, 
    >         multifactor 
    >         >         >         authentication, 
    >         >         >         >         authorization. 
    >         >         >         >         >  This package
    contains the 
    >         python module 
    >         >         for 
    >         >         >         privacyIDEA. If 
    >         >         >         >         you want 
    >         >         >         >         >  to run it in a
    productive 
    >         webserver you 
    >         >         might 
    >         >         >         want to 
    >         >         >         >         install 
    >         >         >         >         >  privacyidea-nginx
    or 
    >         >         privacyidea-apache2. 
    >         >         >         >         >  privacyIDEA is an
    open 
    >         solution for 
    >         >         strong 
    >         >         >         two-factor 
    >         >         >         >         authentication. 
    >         >         >         >         >  privacyIDEA aims to
    not bind 
    >         you to any 
    >         >         decision 
    >         >         >         of the 
    >         >         >         >         > authentication
    protocol 
    >         >         >         >         >  or it does not
    dictate you 
    >         where your 
    >         >         user 
    >         >         >         information 
    >         >         >         >         should be 
    >         >         >         >         > stored. 
    >         >         >         >         >  This is achieved by
    its 
    >         totally 
    >         >         modular 
    >         >         >         architecture. 
    >         >         >         >         >  privacyIDEA is not
    only open 
    >         as far as 
    >         >         its 
    >         >         >         modular 
    >         >         >         >         architecture is 
    >         >         >         >         > concerned. 
    >         >         >         >         >  But privacyIDEA is
    completely 
    >         licensed 
    >         >         under the 
    >         >         >         AGPLv3. 
    >         >         >         >         > Description-md5: 
    >         >         d83384f70b39fc92f22fd9110f628dd2 
    >         >         >         >         > 
    >         >         >         >         > On Monday, June 13, 2016 at  12:46:51 PM  UTC+2,  Cornelius  Kölbel wrote: 
    >         >         >         >         >         Hi, 
    >         >         >         >         >         
    >         >         >         >         >         this
    behaviour was 
    >         >         changed/fixed/clarified 
    >         >         >         in 
    >         >         >         >         version 2.8. 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://github.com/privacyidea/privacyidea/blob/master/Changelog#L119 
    >         >         >         >         >         
    >         >         >         >         >         Kind
    regards 
    >         >         >         >         >         Cornelius 
    >         >         >         >         >         
    >         >         >         >         >         Am Montag, den  13.06.2016, 03:29  0700  schrieb 
    >         >         >         >         jmdeking: 
    >         >         >         >         >         > To be
    clear, the 
    >         files do 
    >         >         exist in the 
    >         >         >         directory 
    >         >         >         >         so i am not 
    >         >         >         >         >         sure what 
    >         >         >         >         >         > is
    happening here. 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > 
    >         >         >         >         >         > On Monday, June 13,  2016 at  12:23:27 PM  UTC+2,  jmdeking  wrote: 
    >         >         >         >         >         >         Hi
    there, 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         I
    use the 
    >         following 
    >         >         setup: 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    Ubuntu 14.04 
    >         with 
    >         >         Privacyidea 
    >         >         >         2.7 from the 
    >         >         >         >         provided 
    >         >         >         >         >         repo. 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    When i set a 
    >         system 
    >         >         wide policy 
    >         >         >         to set 
    >         >         >         >         the 
    >         >         >         >         >
    default_token type 
    >         >         >         >         >         >         to
    email a 
    >         user logs 
    >         >         in but 
    >         >         >         doesnt get the 
    >         >         >         >         default 
    >         >         >         >         >         token i 
    >         >         >         >         >         >
    setup in the 
    >         WebUI 
    >         >         policy: 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         > 
    >         10.200.200.183 - - 
    >         >         >         [13/Jun/2016:12:20:55 
    >         >         >         >         +0200] 404 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.email.html 
    >         >         >         >         >         >
    HTTP/1.1" 
    >          233 
    >         >         >         "https://changed/" 
    >         >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         >         Linux 
    >         >         >         >         >         >
    x86_64) 
    >         >         AppleWebKit/537.36 
    >         >         >         (KHTML, like 
    >         >         >         >         Gecko) 
    >         >         >         >         >         Ubuntu 
    >         >         >         >         >         > 
    >         >         Chromium/49.0.2623.108 
    >         >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         >
    Safari/537.36" 
    >         >         >         >         >         > 
    >         10.200.200.183 - - 
    >         >         >         [13/Jun/2016:12:20:55 
    >         >         >         >         +0200] 404 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    "GET /static/components/token/views/token.enrolled.sms.html 
    >         >         >         >         >         >
    HTTP/1.1" 
    >          233 
    >         >         >         "https://changed/" 
    >         >         >         >         "Mozilla/5.0 (X11; 
    >         >         >         >         >         Linux 
    >         >         >         >         >         >
    x86_64) 
    >         >         AppleWebKit/537.36 
    >         >         >         (KHTML, like 
    >         >         >         >         Gecko) 
    >         >         >         >         >         Ubuntu 
    >         >         >         >         >         > 
    >         >         Chromium/49.0.2623.108 
    >         >         >         >         Chrome/49.0.2623.108 
    >         >         >         >         >
    Safari/537.36" 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         Do
    you know 
    >         what i 
    >         >         going wrong 
    >         >         >         here? 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    PI.CFG: 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    import 
    >         logging 
    >         >         >         >         >         >         #
    The realm, 
    >         where 
    >         >         users are 
    >         >         >         allowed to 
    >         >         >         >         login as 
    >         >         >         >         >         > 
    >         administrators 
    >         >         >         >         >         > 
    >         SUPERUSER_REALM = 
    >         >         ['super'] 
    >         >         >         >         >         >         #
    Your 
    >         database 
    >         >         >         >         >         > 
    >         >         #SQLALCHEMY_DATABASE_URI = 
    >         >         >         >         >         > 
    >         >         >
    'sqlite:////etc/privacyidea/data.sqlite' 
    >         >         >         >         >         >         #
    This is 
    >         used to 
    >         >         encrypt the 
    >         >         >         auth_token 
    >         >         >         >         >         >
    #SECRET_KEY 
    >         = 't0p 
    >         >         s3cr3t' 
    >         >         >         >         >         >         #
    This is 
    >         used to 
    >         >         encrypt the 
    >         >         >         admin 
    >         >         >         >         passwords 
    >         >         >         >         >         >
    #PI_PEPPER = 
    >         "Never 
    >         >         know..." 
    >         >         >         >         >         >         #
    This is 
    >         used to 
    >         >         encrypt the 
    >         >         >         token data 
    >         >         >         >         and token 
    >         >         >         >         >         passwords 
    >         >         >         >         >         >
    PI_ENCFILE 
    >         = 
    >         >         >         '/etc/privacyidea/enckey' 
    >         >         >         >         >         >         #
    This is 
    >         used to sign 
    >         >         the audit 
    >         >         >         log 
    >         >         >         >         >         >         #
    This is 
    >         the dummy 
    >         >         base class 
    >         >         >         >         >         > 
    >         #PI_AUDIT_MODULE = 
    >         >         >         >         > 
    >         >         'privacyidea.lib.auditmodules.base' 
    >         >         >         >         >         >         #
    This is 
    >         the default 
    >         >         >         >         >         > 
    >         #PI_AUDIT_MODULE = 
    >         >         >         >         > 
    >         >         'privacyidea.lib.auditmodules.sqlaudit' 
    >         >         >         >         >         >         #
    This is 
    >         used to sign 
    >         >         the audit 
    >         >         >         log 
    >         >         >         >         >         > 
    >         PI_AUDIT_KEY_PRIVATE 
    >         >         = 
    >         >         >         >         > 
    >         '/etc/privacyidea/private.pem' 
    >         >         >         >         >         > 
    >         PI_AUDIT_KEY_PUBLIC = 
    >         >         >         >
    '/etc/privacyidea/public.pem' 
    >         >         >         >         >         >
    PI_LOGFILE 
    >         = 
    >         >         >         > 
    >         '/var/log/privacyidea/privacyidea.log' 
    >         >         >         >         >         >
    PI_LOGLEVEL 
    >         = 
    >         >         logging.INFO 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         > 
    >         #PI_CUSTOMIZATION = 
    >         >         "/" 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    #PI_CSS = 
    >         >         >         >         > 
    >         >         > 
    >         '/static/customize/css/bootstrap-theme.css' 
    >         >         >         >         >         >         
    >         >         >         >         >         >         
    >         >         >         >         >         >
    PI_PEPPER = 
    >         'changed' 
    >         >         >         >         >         >
    SECRET_KEY 
    >         = 
    >         >         'changed' 
    >         >         >         >         >         > 
    >         >         SQLALCHEMY_DATABASE_URI = 
    >         >         >         >         > 
    >         >         'mysql://pi:changed@localhost/pi' 
    >         >         >         >         >         > -- 
    >         >         >         >         >         > Please
    read the blog 
    >         post 
    >         >         about getting 
    >         >         >         help 
    >         >         >         >         >         > 
    >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >         >         >   
    >         >         >         >         >         > For
    professional 
    >         services and 
    >         >         >         consultancy 
    >         >         >         >         regarding two 
    >         >         >         >         >         factor 
    >         >         >         >         >         >
    authentication 
    >         please visit 
    >         >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >         >         >   
    >         >         >         >         >         > In an
    enterprise 
    >         environment 
    >         >         you should 
    >         >         >         get a 
    >         >         >         >         SERVICE LEVEL 
    >         >         >         >         >         AGREEMENT 
    >         >         >         >         >         > which
    suites your 
    >         needs for 
    >         >         SECURITY, 
    >         >         >         AVAILABILITY 
    >         >         >         >         and 
    >         >         >         >         >         LIABILITY: 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         >         >         > --- 
    >         >         >         >         >         > You
    received this 
    >         message 
    >         >         because you 
    >         >         >         are 
    >         >         >         >         subscribed to the 
    >         >         >         >         >         Google 
    >         >         >         >         >         > Groups
    "privacyidea" 
    >         group. 
    >         >         >         >         >         > To
    unsubscribe from 
    >         this group 
    >         >         and stop 
    >         >         >         receiving 
    >         >         >         >         emails 
    >         >         >         >         >         from it,
    send 
    >         >         >         >         >         > an email
    to 
    >         >         >
    privacyidea...@googlegroups.com. 
    >         >         >         >         >         > To post to
    this 
    >         group, send 
    >         >         email to 
    >         >         >         >         > 
    >         priva...@googlegroups.com. 
    >         >         >         >         >         > Visit this
    group at 
    >         >         >         >         > 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         >         >         > To view
    this 
    >         discussion on the 
    >         >         web 
    >         >         >         visit 
    >         >         >         >         >         > 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/74fc71fb-b8ea-4076-a8d2-a7b16bdb7bb6%40googlegroups.com. 
    >         >         >         >         >         > For more
    options, 
    >         visit 
    >         >         >         > 
    >         https://groups.google.com/d/optout. 
    >         >         >         >         >         
    >         >         >         >         >         -- 
    >         >         >         >         >         Cornelius
    Kölbel 
    >         >         >         >         > 
    >         corneliu...@netknights.it 
    >         >         >         >         >         +49 151 2960
    1417 
    >         >         >         >         >         
    >         >         >         >         >         NetKnights
    GmbH 
    >         >         >         >         > 
    >         http://www.netknights.it 
    >         >         >         >         >
    Landgraf-Karl-Str. 19, 
    >         34131 
    >         >         Kassel, 
    >         >         >         Germany 
    >         >         >         >         >         Tel: +49 561
    3166797, 
    >         Fax: +49 
    >         >         561 
    >         >         >         3166798 
    >         >         >         >         >         
    >         >         >         >         >         Amtsgericht
    Kassel, 
    >         HRB 16405 
    >         >         >         >         >
    Geschäftsführer: 
    >         Cornelius 
    >         >         Kölbel 
    >         >         >         >         >         
    >         >         >         >         >         
    >         >         >         >         > -- 
    >         >         >         >         > Please read the blog
    post 
    >         about getting 
    >         >         help 
    >         >         >         >         > 
    >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >         >         >   
    >         >         >         >         > For professional
    services and 
    >         >         consultancy 
    >         >         >         regarding two 
    >         >         >         >         factor 
    >         >         >         >         > authentication
    please visit 
    >         >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >         >   
    >         >         >         >         > In an enterprise
    environment 
    >         you should 
    >         >         get a 
    >         >         >         SERVICE LEVEL 
    >         >         >         >         AGREEMENT 
    >         >         >         >         > which suites your
    needs for 
    >         SECURITY, 
    >         >         AVAILABILITY 
    >         >         >         and 
    >         >         >         >         LIABILITY: 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         >         > --- 
    >         >         >         >         > You received this
    message 
    >         because you 
    >         >         are 
    >         >         >         subscribed to the 
    >         >         >         >         Google 
    >         >         >         >         > Groups "privacyidea"
    group. 
    >         >         >         >         > To unsubscribe from
    this group 
    >         and stop 
    >         >         receiving 
    >         >         >         emails 
    >         >         >         >         from it, send 
    >         >         >         >         > an email to 
    >         >         privacyidea...@googlegroups.com. 
    >         >         >         >         > To post to this
    group, send 
    >         email to 
    >         >         >         >
    priva...@googlegroups.com. 
    >         >         >         >         > Visit this group at 
    >         >         >         > 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         >         >         > To view this
    discussion on the 
    >         web 
    >         >         visit 
    >         >         >         >         > 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ef7fd503-e74e-47e9-8421-68fb3b1a30bb%40googlegroups.com. 
    >         >         >         >         > For more options,
    visit 
    >         >         >
    https://groups.google.com/d/optout. 
    >         >         >         >         
    >         >         >         >         -- 
    >         >         >         >         Cornelius Kölbel 
    >         >         >         >
    corneliu...@netknights.it 
    >         >         >         >         +49 151 2960 1417 
    >         >         >         >         
    >         >         >         >         NetKnights GmbH 
    >         >         >         >
    http://www.netknights.it 
    >         >         >         >         Landgraf-Karl-Str. 19,
    34131 
    >         Kassel, 
    >         >         Germany 
    >         >         >         >         Tel: +49 561 3166797,
    Fax: +49 
    >         561 
    >         >         3166798 
    >         >         >         >         
    >         >         >         >         Amtsgericht Kassel,
    HRB 16405 
    >         >         >         >         Geschäftsführer:
    Cornelius 
    >         Kölbel 
    >         >         >         >         
    >         >         >         >         
    >         >         >         > -- 
    >         >         >         > Please read the blog post
    about getting 
    >         help 
    >         >         >         > 
    >         https://www.privacyidea.org/getting-help/. 
    >         >         >         >   
    >         >         >         > For professional services and 
    >         consultancy 
    >         >         regarding two 
    >         >         >         factor 
    >         >         >         > authentication please visit 
    >         >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >         >   
    >         >         >         > In an enterprise environment
    you should 
    >         get a 
    >         >         SERVICE LEVEL 
    >         >         >         AGREEMENT 
    >         >         >         > which suites your needs for
    SECURITY, 
    >         AVAILABILITY 
    >         >         and 
    >         >         >         LIABILITY: 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         >         > --- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > Visit this group at 
    >         >         > 
    >         https://groups.google.com/group/privacyidea. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/25228782-5705-431c-82f1-4e6e5775d782%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/1553807c-aad2-4871-a4b1-06662671edbd%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/28f9be78-4fb9-4498-9124-bcb9c24c0483%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/33bf016a-6429-45ee-a9a7-7574f97e383c%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/dc0630c5-2656-4f32-a012-bf47ea330f9e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)