Advanced Lab environment - 18 Setup MFA with PrivacyIDEA on Ubuntu 22.04

Описание

PrivacyIDEA Documentation
https://www.privacyidea.org/documentation/

I used BlueStacks in the video and referenced below video to setup virtual camera to scan the QR code.
https://www.youtube.com/watch?v=r5xeiWQeLOc

Commands and notes are here
https://github.com/Infinibang/Junkyard/blob/main/01AdvancedLabEnvironment/PrivacyIDEA/01FirstNode.txt

00:57 Install Ubuntu 22.04
09:49 SSH to the server and update packages
13:32 Install PrivacyIDEA
15:50 Add a admin user in PrivacyIDEA
16:34 Login to the webui
17:20 Create webui policy (extend 2 minutes timeout and disable welcome msg)
19:00 Create another policy for returning detail of the user
19:52 Create realm
20:18 Create a user resolver (identity source from AD)
21:36 Adding CA chain to the server
22:53 AD preset and mapping groups from memberOf attribute
24:49 Test the user resolver
25:02 Add the user resolver to the realm
25:19 Check users are listed
25:24 Enroll an TOTP token for pfadmin
26:30 Scan the QR code
28:40 Create policy to use AD password instead of PIN in PrivacyIDEA
30:37 Test otp and token
33:15 Use url to test the token (with detail response)
35:00 Mapping groups to class in radius reponse
37:10 Add radius clients
38:06 Stop freeradius and start it in debug mode
39:00 Use radtest to test the radius
41:04 Add a radius authentication server in pfsense
42:16 Test the authentication server