From 062e05c071d8bb5b7ba1ed23cfa065bfe0e24ff4 Mon Sep 17 00:00:00 2001
From: aitzol
Date: Wed, 8 Nov 2023 08:40:04 +0100
Subject: [PATCH] 2FA
---
 backup/export.ldif | 1 +
 docker-compose.yaml | 1 +
 schema/custom.schema | 9 +++++++--
 3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/backup/export.ldif b/backup/export.ldif
index c3c7fb4..d1fcebe 100644
--- a/backup/export.ldif
+++ b/backup/export.ldif
@@ -35,6 +35,7 @@ dn: cn=seiichi takimoto,cn=users,ou=groups,dc=example,dc=org
 active: TRUE
 cn: seiichi takimoto
 fakecn: FALSE
+secureAuth: FALSE
 devices: unknown
 lastLogin: 199412161032Z
 ip: 185.14.36.84
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 1cdc3f1..96e861d 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -8,6 +8,7 @@ services:
 ports:
 - 389:389
 - 636:636
+ hostname: "ldap.lainoa.eus"
 environment:
 LDAP_ORGANISATION: example
 LDAP_DOMAIN: example.org
diff --git a/schema/custom.schema b/schema/custom.schema
index 9427ab2..889cac6 100644
--- a/schema/custom.schema
+++ b/schema/custom.schema
@@ -6,7 +6,6 @@
 ## 1.3.6.1.4.1.19937.1.1.x - attributetypes
 ## 1.3.6.1.4.1.19937.1.2.x - objectclasses
 ##
-
 attributetype ( 2.25.330098197460787237907941808102951680393.1.0 NAME 'active'
 DESC 'True if account is active'
 EQUALITY booleanMatch
@@ -36,7 +35,13 @@ attributetype ( 2.25.330098197460787237907941808102951680393.1.4 NAME 'ip'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
 SINGLE-VALUE )
+attributetype ( 2.25.330098197460787237907941808102951680393.1.5 NAME 'secureAuth'
+ DESC 'True if 2FA active'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
 objectclass ( 2.25.330098197460787237907941808102951680393.1.2.0 NAME 'accountsManagement' SUP top AUXILIARY
 DESC 'Accounts management'
 MUST ( cn $ uid $ active $ fakeCn $ devices )
- MAY ( userPassword $ description $ lastLogin $ ip ) )
+ MAY ( userPassword $ description $ lastLogin $ ip $ secureAuth) )
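Review bot: Only this one entry in backup/export.ldif gains `secureAuth: FALSE` (the diffstat shows a single insertion for the file), so any other entries in the export will carry no value for the new attribute. Because the schema hunk lists `secureAuth` under MAY, the code that reads the flag has to decide explicitly what a missing value means; that code is not part of this patch, so confirm it handles absence deliberately rather than by accident. If the file serves as seed data, adding the line to every user entry keeps the fixture consistent. The entry begins above the hunk.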
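Review bot: The added `hostname: "ldap.lainoa.eus"` in docker-compose.yaml hard-codes what looks like a deployment-specific name in a file whose other settings are placeholders (`LDAP_DOMAIN: example.org`), and the commit subject (2FA) does not explain it. If the image derives its TLS certificate name from the container hostname (not visible here), clients that reach port 636 under a different name will fail certificate verification, and the usual workaround is to switch verification off. Consider reading the value from the environment, e.g. `hostname: "${LDAP_HOSTNAME:-ldap.example.org}"` (variable name is illustrative), with a comment naming which clients depend on it. The service definition starts above the hunk and continues below it.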
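Review bot: `secureAuth` in schema/custom.schema is a plain boolean stored in the user's own entry and listed only under MAY, so whoever can write that entry can turn 2FA off by setting it to FALSE or deleting it. The patch does not show the directory's access rules; if they follow the common pattern of letting users modify their own attributes, the flag needs its own rule that limits writes to the account that completes enrolment, for example `access to attrs=secureAuth by dn.exact="<service-account-dn>" write by self read by * none`. A short comment above the attributetype stating who may set the flag would record that intent. Minor: `$ secureAuth) )` lacks the space before the closing parenthesis that the MUST line uses.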