[Freeipa-devel] [PATCH] 907 webui: add LDAP vs Kerberos behavior description to user auth types
David Kupka
dkupka at redhat.com
Mon Aug 10 12:52:21 UTC 2015
On 10/08/15 13:05, Petr Vobornik wrote:
> Text in the ticket is IMHO wrong. Patch uses different text.:
> """"
> If you choose the password and two-factor authentication types at once,
> Kerberos still enforces authentication with both password and OTP. LDAP
> allows authentication with either one of the authentication types in
> this situation.
> """
>
> One can also use only "Password" with kinit but must provide an armor
> ccache.
>
> e.g.:
> $ kinit admin
> $ klist
> Ticket cache: KEYRING:persistent:17127:17127
> ...
> $ kinit -T KEYRING:persistent:17127:17127 fbar
>
>
> https://fedorahosted.org/freeipa/ticket/4935
>
>
Works for me, ACK.
--
David Kupka
More information about the Freeipa-devel
mailing list