enteprise enteprise 2fa to your owncloud 2fa to your
play

enteprise enteprise 2FA to your ownCloud 2FA to your ownCloud in - PowerPoint PPT Presentation

Add Add enteprise enteprise 2FA to your ownCloud 2FA to your ownCloud in 15 minutes in 15 minutes FOSDEM 2019, February 3rd Cornelius Klbel about me about me Cornelius Klbel 2FA since 2005 2014: privacyIDEA


  1. Add Add enteprise enteprise 2FA to your ownCloud 2FA to your ownCloud in 15 minutes in 15 minutes FOSDEM 2019, February 3rd Cornelius Kölbel

  2. about me about me Cornelius Kölbel 2FA since 2005 2014: privacyIDEA cornelius.koelbel@netknights.it @cornelinux @privacyidea

  3. Status Status ownCloud 10. Connected to Active Directory. User authenticates with password.

  4. ownCloud (10.0.2.16) ssh / 1622 https / 16443 Active Directory (10.0.2.231) virtualbox

  5. source: https://www.cnet.com/news/massive-breach-leaks-773-million-emails-21-million- passwords/

  6. TOTP in ownCloud TOTP in ownCloud Pro: User is in control. Cons: It is TOTP. Cons: User is in control! Cons: biiiiig keychanin.

  7. Requirements for enterprise 2FA Requirements for enterprise 2FA Users need to comply to policies . Choose token type that is best for your organization. Central management Managed by admins or helpdesk. Can be used for lots of applications.

  8. What privacyIDEA can do for you What privacyIDEA can do for you Central Mgmt with admins and service desk. Use existing userstore (LDAP, SQL, Flatfile, SCIM) Many token types . Policies and events. Connect your ownCloud, SSH, Desktop, VPN, Web- Application...

  9. example 2FA setup - enterprise grade example 2FA setup - enterprise grade privacyIDEA reads users from AD. ...and assigns tokens to users. Authentication at ownCloud UI: 1. ownCloud (Active Directory) 2. privacyIDEA

  10. privacyIDEA ssh / 2022 (10.0.2.20) https / 20443 REST- API LDAP ownCloud (10.0.2.16) App ssh / 1622 https / 16443 LDAP Active Directory (10.0.2.231) virtualbox

  11. Installation privacyIDEA on Ubuntu 16.04LTS Installation privacyIDEA on Ubuntu 16.04LTS Start at 9:09am by adding the launchpad repository.

  12. Read new repo data Read new repo data At 9:10 we update the repository data...

  13. System update System update ...and update the system.

  14. Install meta pacakge Install meta pacakge At 9:10 we choose to install a meta package...

  15. Install meta package Install meta package Wow! All batteries included!

  16. Meta package ships its own database Meta package ships its own database During installation at 9:11 we set the MySQL root password.

  17. Initial administrator Initial administrator 9:13:34: No standard passwords involved!

  18. Install privacyIDEA ownCloud App Install privacyIDEA ownCloud App in under a minute. 0:00 / 0:49

  19. Hands On! Hands On! Connect privacyIDEA to Active Directory. Enroll Tokens to users. Smartphone App. OTP Card. Yubikey. Configure privacyIDEA ownCloud App. Authenticate. Administratively block user. Provide lost token.

  20. Next steps... Next steps... Processes... Helpdesk groups... Policies for users and admins... Workflows... Connect more applications...

  21. Thanks a lot! Thanks a lot! Star, Clone, Rull Requests: Star, Clone, Rull Requests: https://github.com/privacyidea https://github.com/privacyidea Questions: https://community.privacyidea.org Questions: https://community.privacyidea.org @privacyidea @privacyidea

Recommend


More recommend