Paul Lettich

Hi @melanger It looks like Windows Hello now uses the TPM attestation format (at least on my machine, Win 11 on Thinkpad) which is currently not implemented in privacyIDEA. We...

This should work now with #3292 and no attestation handling

What about checking against a different (internal) service? How do i.e. Linux distros check for bad passwords? Maybe we can utilize these tools.

https://www.heise.de/security/artikel/Nach-dem-Passwort-Leak-Eigene-Passwoerter-lokal-checken-4284756.html

Thanks for the PR. There were some other issues so i created another PR with these changes: #3262

There is a specific LDAP search for all groups a user is member of: https://ldapwiki.com/wiki/Active%20Directory%20User%20Related%20Searches#section-Active+Directory+User+Related+Searches-AllGroupsAUserIsAMemberOfIncludingNestedGroups but this would require a second LDAP-query only for the groups.

Hi @gregharvey I could not reproduce this with the latest mariadb (10.6.5) using a docker container. However it could be that AWS does some things differently. When a new resolver...

Hi @AlexFreeland thanks for reporting this. Unfortunately i could not reproduce this, talking to privacyIDEA through an SSH tunnel works just fine for me. According to the backtrace, this looks...

Ok, just now the error occurred here as well when having two connections through the tunnel. It looks like the mod_wsgi can not differentiate between requests when they come through...

> Hi @plettich have you attempted the workaround I gave in the actual outcome section? Yes, it does work for me as well. I still have to figure out, what...