LinOTP Management Guide

• 1. Introduction
  • 1.1. System Overview
  • 1.2. Components
  • 1.3. LinOTP core
  • 1.4. OTP Calculation
  • 1.5. UserIdResolver
  • 1.6. Authentication Modules
  • 1.7. Management Clients
  • 1.8. Features of different management clients
  • 1.9. Licenses
• 2. Quickstart Guide
  • 2.1. What this guide is about
  • 2.2. Getting started - the Web UI
  • 2.3. UserIdResolvers
  • 2.4. Create Realm
  • 2.5. Create Token
  • 2.6. Assign Token to User
  • 2.7. Test authentication procedure
• 3. Configure Resolvers and Realms - The Details
  • 3.1. UserIdResolvers and Realms - The Concepts
  • 3.2. Configuring UserIdResolvers
  • 3.3. InternalSQLResolver
  • 3.4. Configuring Realms
• 4. Supported tokens
  • 4.1. Tokens
  • 4.2. Recommended Mobile Apps
• 5. Managing Tokens
  • 5.1. Tokentype Configuration
  • 5.2. Import tokens
  • 5.3. Viewing users in certain realms
  • 5.4. Viewing tokens in the WebUI
  • 5.5. Assign tokens
  • 5.6. Set OTP PIN
  • 5.7. Enrolling tokens
  • 5.8. Manage tokens
  • 5.9. FIDO U2F
  • 5.10. Set token realm
  • 5.11. Token info
  • 5.12. Lost token
  • 5.13. Get serial by OTP
  • 5.14. Get OTP
  • 5.15. Users with no token
  • 5.16. UserIdResolver migration
• 6. Policies
  • 6.1. Admin Policies
  • 6.2. Audit Policies
  • 6.3. Authentication Policies
  • 6.4. Authorization Policies
  • 6.5. Enrollment Policies
  • 6.6. Notification Policies
  • 6.7. Gettoken Policies
  • 6.8. OCRA Policies
  • 6.9. Reporting Policies
  • 6.10. Selfservice policies
  • 6.11. System policies
  • 6.12. Users in policies
  • 6.13. Clients in policies
  • 6.14. Policy checker
  • 6.15. Importing and exporting policies
  • 6.16. Best practice - policy example
• 7. Audit Trail
  • 7.1. Logging Scopes
  • 7.2. Viewing the Audit Trail
  • 7.3. Configuration
  • 7.4. Searching the Audit Trail
• 8. Challenge Response
  • 8.1. HOTP and TOTP Tokens
  • 8.2. SMS and e-mail
  • 8.3. Configure Challenge Message
  • 8.4. RADIUS
  • 8.5. Test Challenge Response
• 9. SMS Provider for SMS OTP Tokens / Mobile TANs
  • 9.1. Overview
  • 9.2. Configure SMS Provider
  • 9.3. SMSProviderConfig
• 10. E-mail Provider for E-mail Token
  • 10.1. Overview
  • 10.2. Configure E-mail Provider details
  • 10.3. E-mail ProviderConfig
• 11. Push Provider for KeyIdentity Push Token
  • 11.1. Configuration
  • 11.2. Testing of the KeyIdentity Push Token
• 12. Voice Provider
  • 12.1. Configuration
  • 12.2. Testing of the Voice Token
• 13. System Config
  • 13.1. Tab Settings
  • 13.2. Tab Caching
  • 13.3. Tab GUI settings
  • 13.4. Tab Client Identification
• 14. Security Module
  • 14.1. PKCS11 module and SafeNet LunaSA
  • 14.2. Password handling
  • 14.3. PKCS #11 and YubiHSM Padding bug
• 15. LinOTP as OpenID Provider
  • 15.1. Comfortable identity links
• 16. Retrieving OTP values
• 17. Selfservice Portal
  • 17.1. Managing token in self service
  • 17.2. Typical usecases for supported token in self service
  • 17.3. Individualize the Selfservice Portal
• 18. Tools
  • 18.1. linotp-sql-janitor
  • 18.2. linotp-tokens-used
  • 18.3. linotp-backup
  • 18.4. linotp-restore
  • 18.5. linotp-convert-token
  • 18.6. linotp-convert-xml-to-csv
  • 18.7. linotp-decrypt-otpkey
  • 18.8. LinotpLDAPProxy.pm
• 19. Backup and Restore
  • 19.1. Backup database and encryption key
  • 19.2. Backup additional resources
  • 19.3. Disaster Recovery
• 20. Monitoring / Reporting
  • 20.1. Monitoring
  • 20.2. Reporting
• 21. PCI DSS
• 22. Usage scenarios
  • 22.1. Protection levels
• 23. Troubleshooting
  • 23.1. LDAP/Active Directory Connection
  • 23.2. Testing the Freeradius Server
  • 23.3. RADIUS Authentication fails
  • 23.4. RADIUS server log file
  • 23.5. Access to Web API
  • 23.6. OTP Authentication
  • 23.7. LinOTP server log file
• 24. The linotp.ini file
  • 24.1. Auditing
  • 24.2. Misc
  • 24.3. RADIUS settings
  • 24.4. Default Values