Support TFA on sites with LDAP authentication

Created on 23 February 2017, almost 8 years ago
Updated 8 August 2023, over 1 year ago

When a user is prompted for their password to set up TFA on a site with LDAP authentication their password does not pass validation. That's because the user doesn't really have a Drupal account password.

The problem has also been described in #2856520: tfa and tfa basic issues and is mentioned in Confirmation forms should not require passwords Needs review .

Original Report

Have you tried having a LDAP and TFA enabled on the same site? Do you know if they will work together? We're trying it here and it seems to conflict with each other - both work independently, but not when both enabled. Any thoughts on it?

Feature request
Status

Closed: duplicate

Version

1.0

Component

Code

Created by

🇮🇪Ireland stella

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Hello @jcnventura,

    And if we will decide anyway to use TFA and SAML Drupal Login at the same time, what would be the correct approach to do so (knowing that when user is logged with sso it bypasses TFA) ?

  • 🇪🇸Spain joancatala

    I have the same problem: the user can't set up the TFA (OTP) application because Drupal doesn't recognize his LDAP password.
    Any solution?

Production build 0.71.5 2024