diff options
author | Nathaniel McCallum <npmccallum@redhat.com> | 2013-12-16 16:19:08 -0500 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-02-21 10:26:02 +0100 |
commit | 49038cda9fcddf75e04d1e36df3707432b96fb6d (patch) | |
tree | a7c38748dbfea8dd311e88aff805a266d7fcef64 /daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif | |
parent | abb63ed9d1027b967b4ac4473433e4eb5a3ff0b9 (diff) | |
download | freeipa.git-49038cda9fcddf75e04d1e36df3707432b96fb6d.tar.gz freeipa.git-49038cda9fcddf75e04d1e36df3707432b96fb6d.tar.xz freeipa.git-49038cda9fcddf75e04d1e36df3707432b96fb6d.zip |
Add OTP last token plugin
This plugin prevents the deletion or deactivation of the last
valid token for a user. This prevents the user from migrating
back to single factor authentication once OTP has been enabled.
Thanks to Mark Reynolds for helping me with this patch.
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif b/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif new file mode 100644 index 00000000..76788384 --- /dev/null +++ b/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/otp-lasttoken-conf.ldif @@ -0,0 +1,15 @@ +dn: cn=IPA OTP Last Token,cn=plugins,cn=config +changetype: add +objectclass: top +objectclass: nsSlapdPlugin +objectclass: extensibleObject +cn: IPA OTP Last Token +nsslapd-pluginpath: libipa_otp_lasttoken +nsslapd-plugininitfunc: ipa_otp_lasttoken_init +nsslapd-plugintype: preoperation +nsslapd-pluginenabled: on +nsslapd-pluginid: ipa-otp-lasttoken +nsslapd-pluginversion: 1.0 +nsslapd-pluginvendor: Red Hat, Inc. +nsslapd-plugindescription: IPA OTP Last Token plugin +nsslapd-plugin-depends-on-type: database |