Am Sun, Jul 14, 2024 at 11:27:36PM -0000 schrieb Christopher Byrne:
In the end, I was able to work around this by adding the following line to /etc/sssd.conf:
ldap_host_fqdn = cn
I have some YubiKeys on order and intend to test and document using passkey support (and as one of the maintainers of sssd in Gentoo, add passkey support to it). However, there is no schema with the "passkey" attribute, nor is there another attribute I can map to (like I can with ssh).
Is there a schema available for the "missing" attributes? If not, could one be created?
Hi,
please have a look at https://docs.yubico.com/hardware/oid/oid-ldap-arc.html#ldap-attributes, the 'yubicoPublicKeys' attribute seems suitable.
A more generic one, i.e. without a company name, can be found at https://github.com/osstech-jp/fido2-ldap-demo/blob/master/ldap/fido2.schema.
HTH
bye, Sumit
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue