[Freeipa-users] Windows client authentication with OTP not supported
Alexander Bokovoy
abokovoy at redhat.com
Thu May 11 07:42:30 UTC 2017
On to, 11 touko 2017, Felix Chu wrote:
>Hi , I would like to implement SSO for my Linux+Windows2012 machines
>with MFA.
>
>I have installed FreeIPA, it works well for my Linux client
>authentication with OTP enabled. However, for Windows client, I can
>only make it works with FreeIPA without OTP.
>
>The Windows machines are 2012 R2 without AD(workgroup only). When I
>login Windows using FreeIPA user accounts enabled with OTP, it shows
>"An unsupported preauthentication mechanism was presented to the
>Kerberos package", is that not supported ? or something I configured
>wrong?
Windows does not support OTP in Kerberos the same way how MIT Kerberos
does implement it.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list