Not sure if it's what you're looking for, but I developed a bash script to auto-generate tokens daily for all users not in my service-accounts group if they did not exist. It then emails a QR code to the user and a notification email to the management email. This may not be the best way to do it, but it works for us.
https://gogs.tfmm.co/tfmm/freeipa-generate-otp-tokens --Russ On Thu, Mar 11, 2021 at 8:39 AM dd4321 Dey via FreeIPA-users < [email protected]> wrote: > Hi > > Is it possible to add/generate OTP token without using IPA user interface > ? Due to security reasons, i don't want to give access to IPA web interface > to users. Recently, i have configured password manager which integrates > OpenLDAP/IPA server. So each user can change their password using password > manager eliminating needs for accessing IPA web UI. In the same way, is it > possible to do the same i.e generating OTP token using any third party > application ? > > Regards > > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
