= Proposed Self Contained Change: FreeIPA OTP UI = https://fedoraproject.org/wiki/Changes/IPAv3OTPUI
Change owner(s): Nathaniel McCallum npmccallum@fedoraproject.org
FreeIPA will gain a user interface for managing users' OTP tokens.
== Detailed description == In Fedora 19 we introduced rudimentary support for OTP in krb5 and FreeIPA. Building on this work, we are creating a management system so that tokens can be managed alongside other user attributes.
== Scope == Proposal owners: change development Other developers: N/A (not a System Wide Change) Release engineering: N/A (not a System Wide Change) Policies and guidelines: N/A (not a System Wide Change) _______________________________________________ devel-announce mailing list devel-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel-announce
On Tue, 2013-07-16 at 13:48 +0200, Jaroslav Reznik wrote:
= Proposed Self Contained Change: FreeIPA OTP UI = https://fedoraproject.org/wiki/Changes/IPAv3OTPUI
Change owner(s): Nathaniel McCallum npmccallum@fedoraproject.org
FreeIPA will gain a user interface for managing users' OTP tokens.
== Detailed description == In Fedora 19 we introduced rudimentary support for OTP in krb5 and FreeIPA. Building on this work, we are creating a management system so that tokens can be managed alongside other user attributes.
Not a lot of detail in this page, but I assume the UI here is a web ui for managing this ? I would be interested in discussing the implication for the client-side UI (control-center user panel, login screen, etc). E.g.: Can we know that OTPs are in use, and disable the password change UI ?
Matthias
On Tue, 16 Jul 2013, Matthias Clasen wrote:
On Tue, 2013-07-16 at 13:48 +0200, Jaroslav Reznik wrote:
= Proposed Self Contained Change: FreeIPA OTP UI = https://fedoraproject.org/wiki/Changes/IPAv3OTPUI
Change owner(s): Nathaniel McCallum npmccallum@fedoraproject.org
FreeIPA will gain a user interface for managing users' OTP tokens.
== Detailed description == In Fedora 19 we introduced rudimentary support for OTP in krb5 and FreeIPA. Building on this work, we are creating a management system so that tokens can be managed alongside other user attributes.
Not a lot of detail in this page, but I assume the UI here is a web ui for managing this ? I would be interested in discussing the implication for the client-side UI (control-center user panel, login screen, etc). E.g.: Can we know that OTPs are in use, and disable the password change UI ?
Yes, this is about FreeIPA's web UI.
I think realmd could detect that OTP is enabled for the user as it will be visible in 'ipa' command line commands and in LDAP entry for the user.