Is there a way to put a policy or something in place, so when users login for the first time, they are forced to create an OTP Token? We need to force OTP into the system as well as the servers that authenticate with it.
Thanks!
Any ideas on this? I need to enforce OTP, and short of using a radiusproxy to another OTP service, I'm unsure how to do that.
Solved this in a roundabout way, I have setup a script to run after users are created which creates and emails them the OTP token information. This, coupled with only enabling Password+OTP in the admin settings enforces OTP on every login, including the first.
freeipa-users@lists.fedorahosted.org