@Storck1 Can you throw some more light on how you managed to get it working, since I am facing the same issue.

from multiotp.

@Storck1 Can you throw some more light on how you managed to get it working, since I am facing the same issue.

Hello @kaushikb1996,

i don't realy solved the problem but i found an alternativ to make it work temporaly. For this, i went on the serveur in the multiOTP folder, and copy the folder "Users". After that, i install the client "Crédiential Provider" and when i have the image for the test of the user, i went to the folder MultiOTP in my client, and past the users folder from the server.

i don't know if it's realy clear ?
my problem was the users didn't syncrhonised or, when i forced the LDAP sync, the users had problem on them files.

Regards

PS: sorry for my bad english, my mother tongue is french.

Arnaud

Edit: After a reboot, i see that the sync isn't anymore working and i can't access to my 2 clients machine :(
hopefully i did some backup of my VM and i can roll back. But i really don't know how to solve the problem.

from multiotp.

Hello Storck1,
we have published a new 5.4.0.1 version of multiOTP which should correct the issue.
Could you give it a try and let us know if it's ok now ?
Best regards

from multiotp.

@Storck1

Version: 5.4.0.1
Windows Tested on: 7/8.1/10

I have tested the new version and I am still facing the same issue. Firstly I am trying to install on my local machine. There is a user file which is begin generated and stored in the mutliotp/users folder but in the credential provider it's displaying that the user doesn't exist. So I went ahead and ran checkmultiotp and identified couple of things. One is that nircmd is missing from the tools folder so it was passing 24/28 tests. Post adding nircmd All the tests have passed (27/28) expect for the one linked to radius server I suppose, which is returning this error -> radclient: received bad packet: Error receiving packet: An existing connection was forcibly closed by the remote host.

ALSO I HAVE ENTERED THE VALID TOTP (Not represented in the image)

Few more things I would like to add

• I can see the users from the web service and also I have verified that the TOTP's are working by the webservice.
• The Credential Provider from LastSquirrelIT Release 3.0 RC1 seems to work, but it has it's own set of bugs.
• The new credential Provider is returning -> User doesn't exist and Status not activated

Please let me know if you need any additional configuration/environment details you require from my end.

Cheers,
Kaushik Bharadwaj

from multiotp.

Hello Kaushik,
Please be sure that multiOTP server is also in version 5.4.0.1, because the fixed issue is when cache information is given back from the server to the client.
Regards,

from multiotp.

@multiOTP Hey, thanks for the quick response. But I am trying to do a LOCAL ONLY STRONG setup. It would be great if you can guide me through to resolve the issue if it's on my end.

from multiotp.

Hello Kaushik,
Sorry for misunderstanding clearly your issue.
Where did you install the multiOTP Credential Provider (which path) during the installation process ?
How did you exactly create the multiotp user kaushik ?
Regards,

from multiotp.

Did you do like written in the README file ?

LOCAL ONLY STRONG AUTHENTICATION INSTALLATION

1. Install the multiOTP Credential Provider, which contains also multiOTP inside.
2. During the installation, specify the folder on the client where the
   multiotp.exe file and folders must be installed and configured.
3. In the wizard, leave the URL of the multiOTP server(s) empty.
4. You can also choose to require a strong authentication only for RDP.
5. When you are on the test page, open a command prompt in the folder where
   multiOTP is now installed and create a new local user. Example:
   1. multiotp -fastcreatenopin my_user
   2. multiotp -qrcode my_user my_qrcode.png)
6. If the test is successful, the Credential Provider is installed.
7. To disable the Credential Provider, uninstall it from Windows,
   or execute multiOTPCredentialProvider-unregister.reg

from multiotp.

@multiOTP
For some more context this is the use case I am looking at: To run multiotp on a single local/RDP machine where in this would replace the windows login with multiotp for multi factor authentication

OK, I have now changed the installation path of Credential Provider to where the mutliotp folder is present ( C:\multiotp ) and now went ahead ran these commands
multiotp -fastcreatenopin kaushik
multiotp -qrcode kaushik my_qrcode.png

and it was successful.

I scanned the QR Code from the admin Panel ( http://127.0.0.1:8112/?method=PrintQrCode&options=kaushik )

Now I have got a validated message in the credential provider.

So I sign out to check if it's activated. But then I am again shown the default Windows login. Even tried rebooting but still shows the windows login and I ran the Credential Provider again and it still says validated and active.

from multiotp.

During the installation, you can select if you want to use the Credential Provider for "Only RDP connection...". This is checked by default, and you need to un select it if you want to have a local 2FA authentication also:

from multiotp.

@multiOTP Went ahead and did a fresh install of cred provider with the configuration you have mentioned.

Got it running with installed and activated.
But issue still persists, Sign out/Reboot still take me to default Windows login.

PS:

• Running Windows 10
• The Credential Provider from LastSquirrelIT Release 3.0 RC1 seems to work, but it has it's own set of bugs.
• Let me know if you need any additional info from my end!

from multiotp.

Hello @multiOTP ,

I just Installed the new version on my test server at home and it seams to work well !

thanks alot for your help and your modification

from multiotp.

@Storck1, are you sure you're not getting the issue mentioned by Kaushik with respect to the 2FA login not being visible?

Also, if it's working perfectly fine, can you please mention the steps you've taken? It'd be a checklist for us.

from multiotp.

Hey @multiOTP ,

I am able to get it working by using an old Credential Provider ( mOTP-CP-2.1.2-RC2-x64-eng.zip ). So I suppose that the issue is with the new Credential Provider. If you could emulate a x64 Windows 10 system to test the new Credential Provider for a local authentication setup it would be great! As in we can check whether it's a global issue or If It's just pertaining to my environment.

Cheers!

from multiotp.

@Storck1, are you sure you're not getting the issue mentioned by Kaushik with respect to the 2FA login not being visible?

Also, if it's working perfectly fine, can you please mention the steps you've taken? It'd be a checklist for us.

i had this problem but after litle research it was an update who was missing (when i tried on W7 i had a missing DLL dll-msvcp140.dll) and after cheaking on internet it was a Microsoft Visual C++ runtime who was missing.

After few test, i can say that it work but not with 100%.
i explain myself, i can make it work but for that i must connect first with the CMD on the client, if i don't do that i have the message user doesn't exist (in Credential Provider) and after that if i try to connect with a user i didn't try with CMD i cannot connect.
(if in the CMD i have connect with User1 but not User2. on the login Windows i cannot connect to User2, i must connect him with the command in the CMD)

I think when we install the programm it doesn't really syncronize the user so actually you have to do it by hand (with the CMD commande : multiotp -display-log -log -debug "user" "otp"

i don't know if it's clear what i said, don't be afraid to ask more details (btw my mother tongue is french sorry for the bad english)

but anyway i can continue my project and i'm realy thankful of your work !

from multiotp.

Hello,
exactly it doesn't synchronise the users. It only keep a cache locally on the computer once the user has loged-in on the pc with access to the multiOTP server then the credentials are cached.
Hope this helps.
Have a great day.

from multiotp.

Please note that VC++ redistributable libraries are now included in the installer.

from multiotp.

Dear developers.
I have the same problem with your product - when I'm trying to authentificate on my windows server 2019 I revice an error: "TOTP password is wrong". The version of the multiotp is
root@f9d7ff3a4d91:/# cat /etc/multiotp/config/multiotp.ini | grep version
actual_version=5.9.5.5
The verion of credentialProvider is 5.9.6.1
I'm using AD authentification. On my TOTP web interface I can see all users in group which was set in container.
"DeletePrintScratchlistResync yrpogosyan [AD/LDAP]"
Both tests, one from web interface (check a user), another from container succeed:
root@f9d7ff3a4d91:/# multiotp -display-log yrpogosyan 569647
LOG 2024-04-14 19:47:50 notice (user yrpogosyan) User OK: User yrpogosyan successfully logged in with TOTP token
But in cmd-line from windows server (where this cred provider is installed) I'm receiving exectly the same answer as was posted by Mr. Storck1 on Sep 11, 2018 on the top of this issue. When I'm checking the directory users in Program files\multiotp it appears to be empty. The firewall on the windows server is turned off, the server is in domain.
The Linux server where container is deployed and windows server are in the same network.
Can you help me with this ptoblem? Thank you in advance.

from multiotp.