Thanks you all. Let me give a try. Thanks
On Thu, Jul 11, 2013 at 11:47 PM, Dan White <[email protected]> wrote: > On 07/11/13 18:49 +0200, Dieter Klünter wrote: > >> Am Thu, 11 Jul 2013 21:46:40 +0530 >> schrieb Vishesh kumar <[email protected]>: >> >> Do anyone point me right direction for setting up OTP authentication >>> in openldap. Reference to URL or guide will be sufficient. >>> >> >> If openldap has been compiled with cyrus-sasl, you have to add otp to >> the sasl mechanism list. Read on opie(4), opiepasswd(1) and opiekeys(5) >> in order to create keys. >> > > If cyrus-sasl is compiled with opie disabled, it will use your configured > auxprop plugin to store and retrieve the otp keys. Slapd will, by > default, store those keys internally within the user's entry. > > You'll need an appropriate schema definition such as > http://web.olp.net/dwhite/**openldap/cmusasl.schema<http://web.olp.net/dwhite/openldap/cmusasl.schema> > . > > With this approach, you can populate the otp key for a given user by using > the ldapdb auxprop plugin, and with saslpasswd2: > > cat > /usr/lib/sasl2/saslpasswd.conf <<EOF > auxprop_plugin: ldapdb > ldapdb_uri: ldapi:/// > ldapdb_mech: EXTERNAL > EOF > > saslpasswd2 -n [email protected] > > -- > Dan White > > -- http://linuxmantra.com
