Check authentication of user with LDAP, IPA and AD
- Add a LDAP and IPA user with passkey_mapping:
- For IPA, ipa user-add-passkey <username> <passkey_mapping>,
- for LDAP, user must be added with objectclass: passkeyUser
and attribute, passkey,
- for AD, create the user and add the passkey to the altSecurityIdentities attribute.
- Setup SSSD client with FIDO2/passkey.
for LDAP server, we need to add 'local_auth_policy = only' under domain section.
How to test
- Check authentication of the user using su.
- User authenticates successfully.