This repository was archived by the owner on Dec 11, 2020. It is now read-only.
WIP: Create ocserv-authentication-ad-googleauth.md#8
Open
dpelivan wants to merge 1 commit intoopenconnect:masterfrom
Open
WIP: Create ocserv-authentication-ad-googleauth.md#8dpelivan wants to merge 1 commit intoopenconnect:masterfrom
dpelivan wants to merge 1 commit intoopenconnect:masterfrom
Conversation
Integrate ocserv with Microsoft Active Directory and Google Authenticator
nmav
reviewed
Apr 8, 2019
| This Recipe provides step by step instructions on how to install, configure, | ||
| and test Microsoft AD Authentication for Openconnect Server. This recipe focuses on | ||
| generic installation instructions, from packages available on Openconnect server. | ||
| No precompiled binary packages will be used, therefore this recipe was tested |
Contributor
There was a problem hiding this comment.
Not sure what this sentence means by "No precompiled binary packages will be used". Does it mean you didn't use the epel7 ocserv package?
nmav
reviewed
Apr 8, 2019
| auth [success=1 default=ignore] pam_sss.so use_first_pass | ||
| auth requisite pam_deny.so | ||
| auth required pam_permit.so | ||
| auth required pam_google_authenticator.so |
Contributor
There was a problem hiding this comment.
I suppose that you added this line, what about using a diff or explicitly saying to add this line?
nmav
reviewed
Apr 8, 2019
| fi | ||
| ``` | ||
| 3. Configure PAM to enable google-authenticator for password authentication. | ||
| You need to modify ```/etc/pam.d/ocserv```: |
Contributor
There was a problem hiding this comment.
wouldn't you also need to change something in ocserv.conf to instruct it to use pam for user authentication?
nmav
reviewed
Apr 8, 2019
|
|
||
| ### Scope | ||
|
|
||
| This Recipe provides step by step instructions on how to install, configure, |
Contributor
There was a problem hiding this comment.
Maybe this sentence should repeat that this is for both Microsoft AD and google authenticator OATH.
nmav
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Integrate ocserv with Microsoft Active Directory and Google Authenticator