Windows credential providers

Hi,
i’v configured privacyID3a on a centos machine.

All works fine!

Vpn access, local unix account…

But an imprtant question.

I’ ave a 2008 active directory domain.

I want also taht all windows client pc (win7 e win 8 64 bit) log in againts
privacyid3a with the same
system (pin+otp)

It’ s possible ?

How configure my client windows machine ?

Thanks for your support!

Hi Cornelius!

I’m looking forward for your privacyidea credential provider!

Thanks a lot,

Have good day.

IT System admin
AlessandroOn Tuesday, June 9, 2015 at 1:58:21 PM UTC+2, Cornelius Kölbel wrote:

Hi,
there is a privacyidea credential provider, which expects:

  1. Windows Domain and Username
  2. Windows Domain Passwort
  3. OTP PIN (optional) and OTP

A colleague of mine developed it, but at the moment it is only
controlled available. (not publically)

I will forward the request accordingly.

Kind regards
Cornelius

Am Dienstag, den 09.06.2015, 04:37 -0700 schrieb 77istrid:

Hi,
i’v configured privacyID3a on a centos machine.

All works fine!

Vpn access, local unix account…

But an imprtant question.

I’ ave a 2008 active directory domain.

I want also taht all windows client pc (win7 e win 8 64 bit) log in
againts privacyid3a with the same
system (pin+otp)

It’ s possible ?

How configure my client windows machine ?

Thanks for your support!

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi,
there is a privacyidea credential provider, which expects:

  1. Windows Domain and Username
  2. Windows Domain Passwort
  3. OTP PIN (optional) and OTP

A colleague of mine developed it, but at the moment it is only
controlled available. (not publically)

I will forward the request accordingly.

Kind regards
CorneliusAm Dienstag, den 09.06.2015, 04:37 -0700 schrieb 77istrid:

Hi,
i’v configured privacyID3a on a centos machine.

All works fine!

Vpn access, local unix account…

But an imprtant question.

I’ ave a 2008 active directory domain.

I want also taht all windows client pc (win7 e win 8 64 bit) log in
againts privacyid3a with the same
system (pin+otp)

It’ s possible ?

How configure my client windows machine ?

Thanks for your support!

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

Hello Roman,

I will create the contact.
The Credential Provider at the moment does only work online, i.e. the
privacyIDEA server needs to be available.

Nevertheless, privacyIDEA comes with the possibility to do offline OTP,
which was already implemented in the Linux PAM module.
https://www.privacyidea.org/privacyidea-2-2-released-otp-offline-authentication/

It couldTM also be implemented into the Credential Provider.

Kind regards
CorneliusAm Mittwoch, den 02.09.2015, 17:14 -0700 schrieb Roman Canto:

Hi Cornelinux, any chance you can get a hand to this credential
provider module for privacyidea?

On Tuesday, June 9, 2015 at 6:58:21 AM UTC-5, Cornelinux K wrote:
Hi,
there is a privacyidea credential provider, which expects:

    1. Windows Domain and Username 
    2. Windows Domain Passwort 
    3. OTP PIN (optional) and OTP 
    
    A colleague of mine developed it, but at the moment it is
    only 
    controlled available. (not publically) 
    
    I will forward the request accordingly. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 09.06.2015, 04:37 -0700 schrieb 77istrid: 
    > Hi, 
    > i'v configured privacyID3a on a centos machine. 
    > 
    > 
    > All works fine! 
    > 
    > 
    > Vpn access, local unix account... 
    > 
    > 
    > But an imprtant question. 
    > 
    > 
    > I' ave a 2008 active directory domain. 
    > 
    > 
    > I want also taht all windows client pc (win7 e win 8 64 bit)
    log in 
    > againts privacyid3a with the same 
    > system (pin+otp) 
    > 
    > 
    > 
    > 
    > It' s possible ? 
    > 
    > 
    > How configure my client windows machine ? 
    > 
    > 
    > 
    > 
    > Thanks for your support! 
    > -- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/09283821-7929-4bc7-9e40-dd905176434b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi Cornelinux, any chance you can get a hand to this credential provider
module for privacyidea?On Tuesday, June 9, 2015 at 6:58:21 AM UTC-5, Cornelinux K wrote:

Hi,
there is a privacyidea credential provider, which expects:

  1. Windows Domain and Username
  2. Windows Domain Passwort
  3. OTP PIN (optional) and OTP

A colleague of mine developed it, but at the moment it is only
controlled available. (not publically)

I will forward the request accordingly.

Kind regards
Cornelius

Am Dienstag, den 09.06.2015, 04:37 -0700 schrieb 77istrid:

Hi,
i’v configured privacyID3a on a centos machine.

All works fine!

Vpn access, local unix account…

But an imprtant question.

I’ ave a 2008 active directory domain.

I want also taht all windows client pc (win7 e win 8 64 bit) log in
againts privacyid3a with the same
system (pin+otp)

It’ s possible ?

How configure my client windows machine ?

Thanks for your support!

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Ivaylo,

this is developed by a colleague of mine.
At the moment this is under a code rewrite.
I forward your request to him, so that you may get into contact.

Kind regards
CorneliusAm Montag, den 21.09.2015, 23:55 -0700 schrieb Ivaylo Bratoev:

Hi guys,

I am interested in the Windows Credential Provider as well. Is it
available somewhere or how do you get access to it?

Following the documentation I reached this empty
repo: https://github.com/LastSquirrelIT/PrivacyIDEA-CredentialProvider . Is it in development or is it private?

Regards,
Ivaylo Bratoev

On Thursday, September 3, 2015 at 11:42:26 AM UTC+3, Cornelinux K wrote:
Hello Roman,

    I will create the contact. 
    The Credential Provider at the moment does only work online,
    i.e. the 
    privacyIDEA server needs to be available. 
    
    Nevertheless, privacyIDEA comes with the possibility to do
    offline OTP, 
    which was already implemented in the Linux PAM module. 
    https://www.privacyidea.org/privacyidea-2-2-released-otp-offline-authentication/ 
    
    It couldTM also be implemented into the Credential Provider. 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 02.09.2015, 17:14 -0700 schrieb Roman Canto: 
    > Hi Cornelinux, any chance you can get a hand to this
    credential 
    > provider module for privacyidea? 
    > 
    > On Tuesday, June 9, 2015 at 6:58:21 AM UTC-5, Cornelinux K wrote: 
    >         Hi, 
    >         there is a privacyidea credential provider, which
    expects: 
    >         
    >         1. Windows Domain and Username 
    >         2. Windows Domain Passwort 
    >         3. OTP PIN (optional) and OTP 
    >         
    >         A colleague of mine developed it, but at the moment
    it is 
    >         only 
    >         controlled available. (not publically) 
    >         
    >         I will forward the request accordingly. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Dienstag, den 09.06.2015, 04:37 -0700 schrieb
    77istrid: 
    >         > Hi, 
    >         > i'v configured privacyID3a on a centos machine. 
    >         > 
    >         > 
    >         > All works fine! 
    >         > 
    >         > 
    >         > Vpn access, local unix account... 
    >         > 
    >         > 
    >         > But an imprtant question. 
    >         > 
    >         > 
    >         > I' ave a 2008 active directory domain. 
    >         > 
    >         > 
    >         > I want also taht all windows client pc (win7 e win
    8 64 bit) 
    >         log in 
    >         > againts privacyid3a with the same 
    >         > system (pin+otp) 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > It' s possible ? 
    >         > 
    >         > 
    >         > How configure my client windows machine ? 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > Thanks for your support! 
    >         > -- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/09283821-7929-4bc7-9e40-dd905176434b%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/93355caa-f698-4728-af87-4eb88aebf707%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi guys,

I am interested in the Windows Credential Provider as well. Is it available
somewhere or how do you get access to it?

Following the documentation I reached this empty
repo: https://github.com/LastSquirrelIT/PrivacyIDEA-CredentialProvider . Is
it in development or is it private?

Regards,
Ivaylo BratoevOn Thursday, September 3, 2015 at 11:42:26 AM UTC+3, Cornelinux K wrote:

Hello Roman,

I will create the contact.
The Credential Provider at the moment does only work online, i.e. the
privacyIDEA server needs to be available.

Nevertheless, privacyIDEA comes with the possibility to do offline OTP,
which was already implemented in the Linux PAM module.

https://www.privacyidea.org/privacyidea-2-2-released-otp-offline-authentication/

It couldTM also be implemented into the Credential Provider.

Kind regards
Cornelius

Am Mittwoch, den 02.09.2015, 17:14 -0700 schrieb Roman Canto:

Hi Cornelinux, any chance you can get a hand to this credential
provider module for privacyidea?

On Tuesday, June 9, 2015 at 6:58:21 AM UTC-5, Cornelinux K wrote:
Hi,
there is a privacyidea credential provider, which expects:

    1. Windows Domain and Username 
    2. Windows Domain Passwort 
    3. OTP PIN (optional) and OTP 
    
    A colleague of mine developed it, but at the moment it is 
    only 
    controlled available. (not publically) 
    
    I will forward the request accordingly. 
    
    Kind regards 
    Cornelius 
    
    Am Dienstag, den 09.06.2015, 04:37 -0700 schrieb 77istrid: 
    > Hi, 
    > i'v configured privacyID3a on a centos machine. 
    > 
    > 
    > All works fine! 
    > 
    > 
    > Vpn access, local unix account... 
    > 
    > 
    > But an imprtant question. 
    > 
    > 
    > I' ave a 2008 active directory domain. 
    > 
    > 
    > I want also taht all windows client pc (win7 e win 8 64 bit) 
    log in 
    > againts privacyid3a with the same 
    > system (pin+otp) 
    > 
    > 
    > 
    > 
    > It' s possible ? 
    > 
    > 
    > How configure my client windows machine ? 
    > 
    > 
    > 
    > 
    > Thanks for your support! 
    > -- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/44a1ac7d-12b5-42c5-92a5-a914448eabb3%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/09283821-7929-4bc7-9e40-dd905176434b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
http://www.google.com/url?q=http%3A%2F%2Fwww.netknights.it&sa=D&sntz=1&usg=AFQjCNHoBmjJRwmwzu0G1UhoM2kTRcTweg
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Yoann,

thanks a lot for the feedback. Sounds great.

The SSH servers - are these machines also UCS or other linux machines.
On UCS you might want to use the App “privacyIDEA PAM”.

You might also think of using OTP as second factor for SSH but also
manage your SSH keys with privacyIDEA.

You can upload the public SSH keys and assign those keys to machines.
This way you can manage the keys centrally for all machines.

I have a new blog article here about combining all three:

  • password
  • OTP token
  • ssh key

https://www.privacyidea.org/ssh-keys-and-otp-really-strong-two-factor-authentication/

Kind regards
CorneliusAm Mittwoch, den 04.11.2015, 07:47 -0800 schrieb Yoann JOUVENT:

Hello Cornelius,

Thanks for your fast answer !!!

We use UCS for authentication ldap and we use also authentication
802.1x with radius server integrated in UCS.
We use privacyIDEA integrated on UCS to add authentication ldap with
OTP in addition of authentication 802.1x.
We are at beginning of our integration of privacyIDEA but the first
tests are conclusive and integration on UCS is very easy.
We use also privacyIDEA for connection ssh and connection of our
applications.

Thanks.

JOUVENT Yoann


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/92eb01b5-9aa7-495d-8b48-713faae2d78d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hello,

please contact dominik.pretzsch@lastsquirrel.com for the privacyIDEA
Credential Provider.

May I also ask for feedback and experience with the privacyIDEA
Integration on UCS?

Thanks a lot
CorneliusAm Mittwoch, den 04.11.2015, 04:15 -0800 schrieb Yoann JOUVENT:

Hi Cornelius,

We are also interested by Windows Credential Provider. We use
privacyIDEA with Univention Corporate Server and we wish to use
privacyIDEA on our windows client !!
Is it possible to have a contact ?

Thanks.

JOUVENT Yoann


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/b27e7106-48d6-4582-bf88-16683493fc71%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi Cornelius,

We are also interested by Windows Credential Provider. We use privacyIDEA
with Univention Corporate Server and we wish to use privacyIDEA on our
windows client !!
Is it possible to have a contact ?

Thanks.

JOUVENT Yoann

Hello Cornelius,

Thanks for your fast answer !!!

We use UCS for authentication ldap and we use also authentication 802.1x
with radius server integrated in UCS.
We use privacyIDEA integrated on UCS to add authentication ldap with OTP in
addition of authentication 802.1x.
We are at beginning of our integration of privacyIDEA but the first tests
are conclusive and integration on UCS is very easy.
We use also privacyIDEA for connection ssh and connection of our
applications.

Thanks.

JOUVENT Yoann

Hi Cornelius,

Our servers are other linux machines.
Thanks for all those informations !!! We will see what we can put in place
!!

Thanks.

Best regards

JOUVENT YoannLe mercredi 4 novembre 2015 16:52:38 UTC+1, Cornelinux K a écrit :

Hi Yoann,

thanks a lot for the feedback. Sounds great.

The SSH servers - are these machines also UCS or other linux machines.
On UCS you might want to use the App “privacyIDEA PAM”.

You might also think of using OTP as second factor for SSH but also
manage your SSH keys with privacyIDEA.

You can upload the public SSH keys and assign those keys to machines.
This way you can manage the keys centrally for all machines.

I have a new blog article here about combining all three:

  • password
  • OTP token
  • ssh key

https://www.privacyidea.org/ssh-keys-and-otp-really-strong-two-factor-authentication/

Kind regards
Cornelius

Am Mittwoch, den 04.11.2015, 07:47 -0800 schrieb Yoann JOUVENT:

Hello Cornelius,

Thanks for your fast answer !!!

We use UCS for authentication ldap and we use also authentication
802.1x with radius server integrated in UCS.
We use privacyIDEA integrated on UCS to add authentication ldap with
OTP in addition of authentication 802.1x.
We are at beginning of our integration of privacyIDEA but the first
tests are conclusive and integration on UCS is very easy.
We use also privacyIDEA for connection ssh and connection of our
applications.

Thanks.

JOUVENT Yoann


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/92eb01b5-9aa7-495d-8b48-713faae2d78d%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Yoann,

If your other servers are linux machines, you can got with the normal
privacyIDEA pam.

I think using UCS as your directory it is really nice idea.

You might have heard that in version 4.1 of UCS they will add SSO via
simpleSAMLphp.

This is designed to be combined with privacyIDEA.

With the privacyIDA PAM App you will be able to add two factor
authentication to the normal UMC login.
(A blog article on this will follow)

With the privacyIDEA SAML App you can authenticate every SAML Service
Provider against UCS and thus add two factors to those services.

Kind regards
CorneliusAm Donnerstag, den 05.11.2015, 00:13 -0800 schrieb Yoann JOUVENT:

Hi Cornelius,

Our servers are other linux machines.
Thanks for all those informations !!! We will see what we can put in
place !!

Thanks.

Best regards

JOUVENT Yoann

Le mercredi 4 novembre 2015 16:52:38 UTC+1, Cornelinux K a écrit :
Hi Yoann,

    thanks a lot for the feedback. Sounds great. 
    
    The SSH servers - are these machines also UCS or other linux
    machines. 
    On UCS you might want to use the App "privacyIDEA PAM". 
    
    You might also think of using OTP as second factor for SSH but
    also 
    manage your SSH keys with privacyIDEA. 
    
    You can upload the public SSH keys and assign those keys to
    machines. 
    This way you can manage the keys centrally for all machines. 
    
    I have a new blog article here about combining all three: 
    
    * password 
    * OTP token 
    * ssh key 
    
    https://www.privacyidea.org/ssh-keys-and-otp-really-strong-two-factor-authentication/ 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 04.11.2015, 07:47 -0800 schrieb Yoann
    JOUVENT: 
    > Hello Cornelius, 
    > 
    > Thanks for your fast answer !!! 
    > 
    > We use UCS for authentication ldap and we use also
    authentication 
    > 802.1x with radius server integrated in UCS. 
    > We use privacyIDEA integrated on UCS to add authentication
    ldap with 
    > OTP in addition of authentication 802.1x. 
    > We are at beginning of our integration of privacyIDEA but
    the first 
    > tests are conclusive and integration on UCS is very easy.   
    > We use also privacyIDEA for connection ssh and connection of
    our 
    > applications. 
    > 
    > Thanks. 
    > 
    > JOUVENT Yoann 
    > 
    > -- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/92eb01b5-9aa7-495d-8b48-713faae2d78d%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/85365ba5-2ee7-4ecb-aef0-120ce8785a25%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hello Cornelius,

Is it possible that i can receive PrivacyIdea Windows Credential Provider.

We want to use it for our Windows servers. We have allready PrivacyIdea up
and running.

Thanks,

Beste regards,

Michael

Hello Michael,

the privacyIDEA Credential Provider at the moment is not free of charge.
However, I can provide you with an evaluation copy.

I will drop you a note off-list.

Kind regards
CorneliusAm Donnerstag, den 04.02.2016, 00:44 -0800 schrieb Michael Broeknellis:

    Hello Cornelius,

Is it possible that i can receive PrivacyIdea Windows Credential
Provider.

We want to use it for our Windows servers. We have allready
PrivacyIdea up and running.

Thanks,

Beste regards,

Michael

Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/3ffb14ce-7c64-4954-b5b7-30301cdb0903%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

I have allready a Server PrivacyIdea up and running and use it for VPN
access, I want to use 2FA for secure my Windows server, but i don’t have
PrivacyIdea Windows Credential Provider, Is it possible that i can receive
it?

Thanks,

Best regards,
NamOn Tuesday, 9 June 2015 18:37:45 UTC+7, 77istrid wrote:

Hi,
i’v configured privacyID3a on a centos machine.

All works fine!

Vpn access, local unix account…

But an imprtant question.

I’ ave a 2008 active directory domain.

I want also taht all windows client pc (win7 e win 8 64 bit) log in
againts privacyid3a with the same
system (pin+otp)

It’ s possible ?

How configure my client windows machine ?

Thanks for your support!