on 2019 Jun 26 10:34 AM
Good day,
Before I go down the road of writing a policy script to use for the scenario of OTP external passcode validation with LDAP virtual users, I thought I'd first check here if someone has already done this and can give some pointers?
My aim is to allow Finance users the option to use OTP with passcode authentication using e.g. Google Authenticator, and the first factor would be authenticating to an internal LDAP (AD) server. These users are not included in the UME, i.e. they are virtual users. After successful authentication an X.509 certificate will be used for access. The use of certificates with LDAP authentication I have already implemented and is working well. I just want to add OTP now without having to specifically create OTP users in the UME.
Is what I am trying to do even possible?
If this can be confirmed that it has been done then I'm happy to at least attempt developing my own policy script.
Thanks & regards,
Nelis
Hello Nelis,
In SAP Single Sign-On version 3.0 and higher, two-factor authentication can work with virtual users. If a user passes the first factor authentication against an external data source (for example LDAP), but does not exist in the UME database, a temporary virtual user is created for the duration of the application session in the following cases:
You are welcome
Cheers Carsten