OTPOverRadius IPA vs Krb

Henry B. Hotz hotz at jpl.nasa.gov
Wed Jun 12 03:28:10 EDT 2013

OK, so this isn't a question for Dimitri.  How does one set the required "user string" with kadmin?

Would it be

kadmin.local:  set_string smith at TEST.REALM otp "[{}]"


On Jun 11, 2013, at 7:24 AM, krbdev-request at mit.edu wrote:

> Date: Mon, 10 Jun 2013 14:35:56 -0400
> From: Dmitri Pal <dpal at redhat.com>
> Subject: Re: OTPOverRadius IPA vs Krb
> To: krbdev at mit.edu
> Message-ID: <51B61C8C.1040801 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1
> On 06/10/2013 02:21 PM, Henry B. Hotz wrote:
>> The project page references an otp "user string" that needs to be set.  Is this something that can be set with kadmin, or is it strictly an IPA thing?
> It is not an IPA thing. The string should be manageable in KDB via
> kadmin in a pure kerberos environment without IPA.
> It is not required to be set.
> It effectively allows you to define the configuration on per user basis
> and override user login if needed.
> -- 
> Thank you,
> Dmitri Pal

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu

More information about the krbdev mailing list