Open skattar1406 opened 6 years ago
➤ Ray Powell commented:
As we pursue using ITS/CNETID/Grouper, I might be able to tie this into an LDAP role + Config/x509. Which I think might be easier ?
➤ Ray Powell commented:
https://github.com/uc-cdis/cloud-automation/issues/309 I think UChicago AD probably has a public ldap-query IP address so just need to figure out what the ldap query is to check if reubenonrye@uchicago.edu or whatever is still online still employed :stuck_out_tongue: it was with UChicago identity management people - the people that maintain CNET-id check with Ray - he was there, and I bet he knows how to query UChicago AD over the public internet - could be an easy patch :awesome-face:
rarya [12:20 PM] hmmm...I see; will check this looks like their public service https://uchicago.service-now.com/it?id=kb_article&kb=KB00015284
OpenVPN currently stores TOTP codes, Client Configs/SSL, and Sever SSLs on single server. Either need to store it out to something else, or setup some kind of HA cloning for ticket #251