TFA with Active Directory or FreeIPA

D0peX

Hi guys,

I'm curious if anyone could explain this to me: when adding an LDAP or AD server as an auth realm, there is the option for TFA.

Now, how do I manage the OTP tokens for each user? Are they created in AD/LDAP, or are they stored in Proxmox (manually created)?

Bonus question:
Has anyone tried to get OAuth/OpenID working as a login method for Proxmox, i.e. Keycloak (link)?
 
Hi,

In one system that we manage, we have Duo-based 2FA. In this environment, we implemented 2FA using the Duo Authentication Proxy, which basically connects to Active Directory, adds Duo-based 2FA features, and provides LDAP, RADIUS, etc. auth interfaces that you can connect your system to. With this solution, we can integrate and enable 2FA on all devices, even when the devices don't have this feature (e.g. old switches).

Proxmox is also configured to use this proxy as an LDAP server.
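
A sketch of the Duo Authentication Proxy arrangement described in the reply above, as an added example that is not the poster's configuration. All hostnames, DNs, account names and keys are constructed placeholders, and it assumes the LDAP client (Proxmox here) is pointed at the proxy's LDAPS listener instead of at the domain controller.

```ini
; authproxy.cfg (Duo Authentication Proxy), constructed example, placeholder values only

[ad_client]
; Upstream Active Directory used for the primary (password) check
host=dc01.example.internal
service_account_username=svc-duoproxy
service_account_password=<SERVICE_ACCOUNT_PASSWORD>
search_dn=DC=example,DC=internal
; Only members of this group can authenticate through the proxy
security_group_dn=CN=pve-admins,OU=Groups,DC=example,DC=internal

[ldap_server_auto]
; LDAP front end that Proxmox or a legacy device uses as its "LDAP server"
client=ad_client
ikey=<DUO_INTEGRATION_KEY>
skey=<DUO_SECRET_KEY>
api_host=<DUO_API_HOSTNAME>
; Listen on LDAPS so bind passwords are not sent in clear text
ssl_port=636
ssl_key_path=ldap_server.key
ssl_cert_path=ldap_server.pem
; secure = reject logins when the Duo service is unreachable
; safe   = fall back to password-only, which silently removes the second factor
failmode=secure
; By default the first bind on each connection is exempt from 2FA (intended for a
; lookup/service account). If the client binds directly as the end user, that
; default would skip the second factor, so disable it and exempt only the
; service account's DN.
exempt_primary_bind=false
exempt_ou_1=CN=svc-pve-ldap,OU=Service Accounts,DC=example,DC=internal
```

With this layout the second factor is enforced by the proxy, so enrollment and devices are managed on the Duo side, not in AD or in the client. It is worth testing a login with the Duo API host blocked to confirm the `failmode` behaviour you expect.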