Comments (18)
@Storck1 Can you throw some more light on how you managed to get it working, since I am facing the same issue.
from multiotp.
@Storck1 Can you throw some more light on how you managed to get it working, since I am facing the same issue.
Hello @kaushikb1996,
i don't realy solved the problem but i found an alternativ to make it work temporaly. For this, i went on the serveur in the multiOTP folder, and copy the folder "Users". After that, i install the client "Crédiential Provider" and when i have the image for the test of the user, i went to the folder MultiOTP in my client, and past the users folder from the server.
i don't know if it's realy clear ?
my problem was the users didn't syncrhonised or, when i forced the LDAP sync, the users had problem on them files.
Regards
PS: sorry for my bad english, my mother tongue is french.
Arnaud
Edit: After a reboot, i see that the sync isn't anymore working and i can't access to my 2 clients machine :(
hopefully i did some backup of my VM and i can roll back. But i really don't know how to solve the problem.
from multiotp.
Hello Storck1,
we have published a new 5.4.0.1 version of multiOTP which should correct the issue.
Could you give it a try and let us know if it's ok now ?
Best regards
from multiotp.
Version: 5.4.0.1
Windows Tested on: 7/8.1/10
I have tested the new version and I am still facing the same issue. Firstly I am trying to install on my local machine. There is a user file which is begin generated and stored in the mutliotp/users folder but in the credential provider it's displaying that the user doesn't exist. So I went ahead and ran checkmultiotp and identified couple of things. One is that nircmd is missing from the tools folder so it was passing 24/28 tests. Post adding nircmd All the tests have passed (27/28) expect for the one linked to radius server I suppose, which is returning this error -> radclient: received bad packet: Error receiving packet: An existing connection was forcibly closed by the remote host.
ALSO I HAVE ENTERED THE VALID TOTP (Not represented in the image)
Few more things I would like to add
- I can see the users from the web service and also I have verified that the TOTP's are working by the webservice.
- The Credential Provider from LastSquirrelIT Release 3.0 RC1 seems to work, but it has it's own set of bugs.
- The new credential Provider is returning -> User doesn't exist and Status not activated
Please let me know if you need any additional configuration/environment details you require from my end.
Cheers,
Kaushik Bharadwaj
from multiotp.
Hello Kaushik,
Please be sure that multiOTP server is also in version 5.4.0.1, because the fixed issue is when cache information is given back from the server to the client.
Regards,
from multiotp.
@multiOTP Hey, thanks for the quick response. But I am trying to do a LOCAL ONLY STRONG setup. It would be great if you can guide me through to resolve the issue if it's on my end.
from multiotp.
Hello Kaushik,
Sorry for misunderstanding clearly your issue.
Where did you install the multiOTP Credential Provider (which path) during the installation process ?
How did you exactly create the multiotp user kaushik ?
Regards,
from multiotp.
Did you do like written in the README file ?
LOCAL ONLY STRONG AUTHENTICATION INSTALLATION
- Install the multiOTP Credential Provider, which contains also multiOTP inside.
- During the installation, specify the folder on the client where the
multiotp.exe file and folders must be installed and configured. - In the wizard, leave the URL of the multiOTP server(s) empty.
- You can also choose to require a strong authentication only for RDP.
- When you are on the test page, open a command prompt in the folder where
multiOTP is now installed and create a new local user. Example:- multiotp -fastcreatenopin my_user
- multiotp -qrcode my_user my_qrcode.png)
- If the test is successful, the Credential Provider is installed.
- To disable the Credential Provider, uninstall it from Windows,
or execute multiOTPCredentialProvider-unregister.reg
from multiotp.
@multiOTP
For some more context this is the use case I am looking at: To run multiotp on a single local/RDP machine where in this would replace the windows login with multiotp for multi factor authentication
OK, I have now changed the installation path of Credential Provider to where the mutliotp folder is present ( C:\multiotp ) and now went ahead ran these commands
multiotp -fastcreatenopin kaushik
multiotp -qrcode kaushik my_qrcode.png
and it was successful.
I scanned the QR Code from the admin Panel ( http://127.0.0.1:8112/?method=PrintQrCode&options=kaushik )
Now I have got a validated message in the credential provider.
So I sign out to check if it's activated. But then I am again shown the default Windows login. Even tried rebooting but still shows the windows login and I ran the Credential Provider again and it still says validated and active.
from multiotp.
During the installation, you can select if you want to use the Credential Provider for "Only RDP connection...". This is checked by default, and you need to un select it if you want to have a local 2FA authentication also:
from multiotp.
@multiOTP Went ahead and did a fresh install of cred provider with the configuration you have mentioned.
Got it running with installed and activated.
But issue still persists, Sign out/Reboot still take me to default Windows login.
PS:
- Running Windows 10
- The Credential Provider from LastSquirrelIT Release 3.0 RC1 seems to work, but it has it's own set of bugs.
- Let me know if you need any additional info from my end!
from multiotp.
Hello @multiOTP ,
I just Installed the new version on my test server at home and it seams to work well !
thanks alot for your help and your modification
from multiotp.
@Storck1, are you sure you're not getting the issue mentioned by Kaushik with respect to the 2FA login not being visible?
Also, if it's working perfectly fine, can you please mention the steps you've taken? It'd be a checklist for us.
from multiotp.
Hey @multiOTP ,
I am able to get it working by using an old Credential Provider ( mOTP-CP-2.1.2-RC2-x64-eng.zip ). So I suppose that the issue is with the new Credential Provider. If you could emulate a x64 Windows 10 system to test the new Credential Provider for a local authentication setup it would be great! As in we can check whether it's a global issue or If It's just pertaining to my environment.
Cheers!
from multiotp.
@Storck1, are you sure you're not getting the issue mentioned by Kaushik with respect to the 2FA login not being visible?
Also, if it's working perfectly fine, can you please mention the steps you've taken? It'd be a checklist for us.
i had this problem but after litle research it was an update who was missing (when i tried on W7 i had a missing DLL dll-msvcp140.dll) and after cheaking on internet it was a Microsoft Visual C++ runtime who was missing.
After few test, i can say that it work but not with 100%.
i explain myself, i can make it work but for that i must connect first with the CMD on the client, if i don't do that i have the message user doesn't exist (in Credential Provider) and after that if i try to connect with a user i didn't try with CMD i cannot connect.
(if in the CMD i have connect with User1 but not User2. on the login Windows i cannot connect to User2, i must connect him with the command in the CMD)
I think when we install the programm it doesn't really syncronize the user so actually you have to do it by hand (with the CMD commande : multiotp -display-log -log -debug "user" "otp"
i don't know if it's clear what i said, don't be afraid to ask more details (btw my mother tongue is french sorry for the bad english)
but anyway i can continue my project and i'm realy thankful of your work !
from multiotp.
Hello,
exactly it doesn't synchronise the users. It only keep a cache locally on the computer once the user has loged-in on the pc with access to the multiOTP server then the credentials are cached.
Hope this helps.
Have a great day.
from multiotp.
Please note that VC++ redistributable libraries are now included in the installer.
from multiotp.
Dear developers.
I have the same problem with your product - when I'm trying to authentificate on my windows server 2019 I revice an error: "TOTP password is wrong". The version of the multiotp is
root@f9d7ff3a4d91:/# cat /etc/multiotp/config/multiotp.ini | grep version
actual_version=5.9.5.5
The verion of credentialProvider is 5.9.6.1
I'm using AD authentification. On my TOTP web interface I can see all users in group which was set in container.
"DeletePrintScratchlistResync yrpogosyan [AD/LDAP]"
Both tests, one from web interface (check a user), another from container succeed:
root@f9d7ff3a4d91:/# multiotp -display-log yrpogosyan 569647
LOG 2024-04-14 19:47:50 notice (user yrpogosyan) User OK: User yrpogosyan successfully logged in with TOTP token
But in cmd-line from windows server (where this cred provider is installed) I'm receiving exectly the same answer as was posted by Mr. Storck1 on Sep 11, 2018 on the top of this issue. When I'm checking the directory users in Program files\multiotp it appears to be empty. The firewall on the windows server is turned off, the server is in domain.
The Linux server where container is deployed and windows server are in the same network.
Can you help me with this ptoblem? Thank you in advance.
from multiotp.
Related Issues (20)
- cant login in docker image HOT 1
- Wrong One-Time Passcode (OTP) Issue During Login HOT 4
- Migration to organization HOT 5
- Imported HW token (SafeNet OTP 110) authentication fails (internal clock has probably drifted) HOT 4
- Authentication Issue with MultiOTP, RADIUS, and AD Password Prefix for CHAP Protocol HOT 2
- Rest API HOT 1
- fail when password is expired HOT 4
- RDP (mstsc.exe) keeps crashing with Windows Server 2012 R2 HOT 1
- Slow Response HOT 4
- RDweb + multiOTP problem Windows 2022 HOT 11
- 502 Bad Gateway HOT 5
- TOTP Token timestep is 0 when a without2fa ldap synced user is moved to the TOTP active ldap group HOT 7
- OTP code length change HOT 5
- Backup needs _temp folder - included in zip file? HOT 1
- Feature request : Hide default Username / Password after changed #146 isn't working HOT 1
- Problem Syntax Username from RDWeb - MultiOTP HOT 6
- LDAP sync not working with low privilege account? HOT 4
- Few questions about multiOTP HOT 1
- Wrong one-time Password HOT 6
- multiOTP send sms HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from multiotp.