WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Duo

This commit is contained in:
Roland Gruber 2019-08-13 20:08:08 +02:00
parent a7f2f753c5
commit 9cae521150
1 changed files with 53 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
lam/docs/manual-sources/chapter-selfService.xml
View File

@ -325,6 +325,10 @@
<listitem> <listitem>
<para><ulink url="https://www.yubico.com/">YubiKey</ulink></para> <para><ulink url="https://www.yubico.com/">YubiKey</ulink></para>
</listitem> </listitem>
<listitem>
<para><ulink url="https://duo.com/">Duo</ulink></para>
</listitem>
</itemizedlist> </itemizedlist>
<para>privacyIDEA:</para> <para>privacyIDEA:</para>
@ -339,6 +343,19 @@
<para>User name attribute: please enter the LDAP attribute name <para>User name attribute: please enter the LDAP attribute name
that contains the user ID (e.g. "uid")</para> that contains the user ID (e.g. "uid")</para>
</listitem> </listitem>
<listitem>
<para>Optional: By default LAM will enforce to use a token and
reject users that did not setup one. You can set this check to
optional. But if a user has setup a token then this will always be
required.</para>
</listitem>
<listitem>
<para>Disable certificate check: This should be used on
development instances only. It skips the certificate check when
connecting to verification server.</para>
</listitem>
</itemizedlist> </itemizedlist>
<para>YubiKey:</para> <para>YubiKey:</para>
@ -362,15 +379,45 @@
<para>Secret key: this is only required for YubiKey cloud. You can <para>Secret key: this is only required for YubiKey cloud. You can
register here: https://upgrade.yubico.com/getapikey/</para> register here: https://upgrade.yubico.com/getapikey/</para>
</listitem> </listitem>
<listitem>
<para>Optional: By default LAM will enforce to use a token and
reject users that did not setup one. You can set this check to
optional. But if a user has setup a token then this will always be
required.</para>
</listitem>
<listitem>
<para>Disable certificate check: This should be used on
development instances only. It skips the certificate check when
connecting to verification server.</para>
</listitem>
</itemizedlist> </itemizedlist>
<para>Optional: By default LAM will enforce to use a token and reject <para>Duo:</para>
users that did not setup one. You can set this check to optional. But
if a user has setup a token then this will always be required.</para>
<para>Disable certificate check: This should be used on development <para>This requires to register a new "Web SDK" application in your
instances only. It skips the certificate check when connecting to Duo admin panel.</para>
verification server.</para>
<itemizedlist>
<listitem>
<para>User name attribute: please enter the LDAP attribute name
that contains the user ID (e.g. "uid").</para>
</listitem>
<listitem>
<para>Base URL: please enter the API-URL of your Duo instance
(e.g. api-12345.duosecurity.com).</para>
</listitem>
<listitem>
<para>Client id: please enter your integration key.</para>
</listitem>
<listitem>
<para>Secret key: please enter your secret key.</para>
</listitem>
</itemizedlist>
<screenshot> <screenshot>
<mediaobject> <mediaobject>