On to, 11 touko 2017, Felix Chu wrote:
Hi , I would like to implement SSO for my Linux+Windows2012 machines
with MFA.
I have installed FreeIPA, it works well for my Linux client
authentication with OTP enabled. However, for Windows client, I can
only make it works with FreeIPA without OTP.
The Windows machines are 2012 R2 without AD(workgroup only). When I
login Windows using FreeIPA user accounts enabled with OTP, it shows
"An unsupported preauthentication mechanism was presented to the
Kerberos package", is that not supported ? or something I configured
wrong?
Windows does not support OTP in Kerberos the same way how MIT Kerberos
does implement it.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
