Parker - add

  1. Putty
  2. parker.css.d.l
  3. admin
  4. to do enrollments:
    1. cd /srv/www/htdocs/scripts/ut/2factor
    2. php import.php
    3. it won't prompt you, but you can enter a ulogin id and then return
    4. repeat as needed and then press return on a blank line to quit
  5. You can also paste a bunch of uloginids, one per line
    1. you have to press return an extra time to get it to process the last uloginid in your list
    2. it produces some output for each uloginid



References: 


Other Links and Notes:

  • CloudPC (unless you have Citrix Workspace desktop app open)
  • ID Vault iManager
    • Launch Firefox browser
    • Navigate to https://10.88.8.66:9000/identityconsole/
    • Continue despite the certificate warning if you get it
    • username format is cn=username,ou=People,dc=drew,dc=edu
    • server/IP is idmprod1.erp.drew.lan or idmprod2.erp.drew.lan (can also be used to connect to idmtest1.erp.drew.lan).
  • post log in
    • User Management
    • Look up user
    • Others
    • oh wait this is the add don't do it this way use Putty
    • Scroll to see if Duo attributes exist; if they do, skip the rest of this
    • Click Add
    • Select drewTwoFactorUser; OK
    • Close
    • Click username
    • Modify Object
    • Other 
    • Move drewTwoFactorEnabled from Unvalued Attributes to Valued Attributes
      • check box
      • OK
    • Move drewTwoFactorDevicePwd from Unvalued Attributes to Valued Attributes
      • enter in format xxxxx.xxxxx.xxxxx
      • OK
    • Move drewTwoFactorDevicePwdTime from Unvalued Attributes to Valued Attributes
      • use calendar button to get date in format 10/14/2022, 2:23:23 PM
      • OK
    • Apply
    • OK

Removing the Duo Attributes

Why bother? In case someone is an alum and we don't want them to get into TF-protected stuff anymore, or they get another job with Drew in the future and we want to make sure they're actually using Duo, that kind of thing.

  1. Go to Others
  2. Just double check that you don't see these in Modify Object > Other:
    1. drewTwoFactorDevicePwdTime
    2. drewTwoFactorDevicePwd
    3. drewTwoFactorDeviceNotifyEnabled
    4. drewTwoFactorEnabled
  3. Remove drewTwoFactorUserparker.css.drew.lan


Parker - remove

  1. Putty
  2. parker.css.d.l
  3. admin
  4. cd /srv/www/htdocs/scripts/ut/2factor
  5. php remove.php
    1. it won't prompt you, but you can enter a ulogin id and then return
    2. repeat as needed and then press return on a blank line to quit
  6. You can also paste a bunch of uloginids, one per line
    1. you have to press return an extra time to get it to process the last uloginid in your list
    2. it produces some output for each uloginid
  • No labels