Cornelius Kölbel
Cornelius Kölbel
Thank you for your idea. I understand your point. However, I am not sure, if this would often not be the use case. Usually the enrollment would happen like this:...
The system behaves correct if the user only has one spass token. In this case the condition also match, if the password is wrong. To only trigger, if the login...
The sensible approve would be to add a comment to the read before update, if the audit log schema was changed. * check in which cases the audit log and...
:-) You are most probably right!
You are right. The admin client currently will only list the first 10 tokens. But: you can always filter the tokens and thus get "other ten tokens". privacyidea -U https://localhost/pi...
Take a look at this blog post https://www.privacyidea.org/create-user-portal/ to get an idea how to use ``httpie`` to also grab your tokens via the API. Cool tool. Also comes with colors...
Sorry for missing any response. @droobah So you are polling in the RADIUS response. How did you handle timeouts? Usually RADIUS timeouts are rather short like 5 seconds.
We added a [push_wait](https://privacyidea.readthedocs.io/en/latest/policies/authentication.html#push-wait) policy, maybe *after* your PR here. Actually privacyIDEA waits with the response to the RADIUS server. Maybe you also want to take a look into this?...
However, it is a good starting point :-)
This is already possible: ~~~~ [Attribute Something1] dir = user userAttribute = gruppen radiusAttribute = Filter-Id regex = CN=Enterprise\ Admins,CN=Users,DC=testfoo,DC=intranet prefix = FIX-BUILTIN-Enter [Attribute SOmething-Else] dir = user userAttribute =...