multiOTP / multiOTPCredentialProvider

multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
Apache License 2.0

mOTP credential provider stops to communicate with server #88

Closed Viach47 closed 1 year ago

Viach47 commented 1 year ago

Hi everyone. I have a strange bug with the mOTP credential provider. I've set up a test environment:

mOTP dedicated Win server 2019 on a VM (version 5.9.3.1)

10 standard user PCs (win10 b 22H2 created from image by WDS) with CredentialProvider-5.9.3.1 set up by GPO

For nearly a month everything worked fine, but one day 2 user PCs started to refuse mOTP login with the error: wrong one-time password. (A Windows update happened that day, but it was installed on the whole test group and only 2 of them failed.) The settings in the registry are identical on all user PCs (set up by GPO and an ORCA-modified mst). The only thing I managed to debug: when I try to log in on these 2 PCs, nothing appears in the mOTP server log. Is there any way to log or debug what exactly the Credential Provider is doing? Force it to create a log? Why could it stop working?

multiOTP commented 1 year ago

Hello, multiOTP Credential Provider can work with a cache feature, which means that even if the multiOTP server is not reachable, the authentication can still be done on multiOTP Credential Provider. Now, the cache is valid only for a few days, so if the 2 user PCs don't have access to the multiOTP server, the login is refused. Be sure that for these two PCs, the multiOTP server is available. Thanks for keeping us in touch. Regards,

Viach47 commented 1 year ago

Hello, tcping from the bugged PC to the mOTP server shows that everything is OK:

C:\Windows\system32>c:\temp\tcping.exe -4 -n 20 172.16.100.60 8112

Probing 172.16.100.60:8112/tcp - Port is open - time=1.611ms

The admin console is available. Is it possible to check connectivity any other way? A CredentialProvider log, or a command to connect to the server?

multiOTP commented 1 year ago

Hello,

On the bugged PC, in the multiOTP/config folder, you should be able to enable debug and log in the multiotp.ini file. Search and change the following entries:

You should now have a log available on this computer (in the multiOTP/log folder)

Be sure also to check the history of your antivirus solution (who knows...)

Regards,

Viach47 commented 1 year ago

Curiouser and curiouser! On a bad PC, after the .ini changes there is no log folder and no log file, but the provider starts itself after reboot and shows at login. On a good PC, after the .ini changes the log folder and file are created. It looks like the provider is somehow damaged.

multiOTP commented 1 year ago

Hello again, the Credential Provider needs the latest x86 AND x64 MSVC++ redistributable installed (Microsoft Visual C++ Redistributable for Visual Studio 2015, 2017, 2019 and 2022):

https://aka.ms/vs/17/release/vc_redist.x86.exe

https://aka.ms/vs/17/release/vc_redist.x64.exe

It could be possible that for whatever reason, the Windows update damaged the installation of one or two of the redistributables. Try to reinstall them, and see if it works better. Regards,

Viach47 commented 1 year ago

Hello, unfortunately, reinstalling VC++ did not solve the problem. I've tried the repair option, and uninstallation, reboot and install from 0. Nothing changed at all. Same error at login attempt. No log on the local PC, no log on the server.

multiOTP commented 1 year ago

Hello, on the bad computer, can you please run these commands (from path c:\Program Files (x86)\multiOTP) and send us your results?

multiotp.exe -v

multiotp.exe -php-version

multiotp.exe [USERNAME] [OTP] -server-timeout=10 -server-cache-level=0 -server-url=[SERVER_URL:PORT] -server-secret=ClientServerSecret

for example:

multiotp.exe john 123456 -server-timeout=10 -server-cache-level=0 -server-url=http://192.168.1.1:8112 -server-secret=ClientServerSecret

Please note that you can also add these extra parameters:

multiotp.exe -debug -display-log john 123456 -server-timeout=10 -server-cache-level=0 -server-url=http://192.168.1.1:8112 -server-secret=ClientServerSecret

Best regards

multiOTP commented 1 year ago

No feedback received
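
The checks discussed in this thread, gathered into one script that can be run on both a working and a failing PC so the two reports can be diffed. This is an added example, not part of the original comments or of the multiOTP project; the server address, port and user name defaults are sample values, and the VC++ runtime registry location is an assumption.

```powershell
# Added triage example: paths and multiotp.exe flags are the ones quoted in this thread.
# ServerHost, ServerPort and User defaults are constructed sample values.
param(
    [string]$InstallDir = 'C:\Program Files (x86)\multiOTP',
    [string]$ServerHost = '192.168.1.1',
    [int]   $ServerPort = 8112,
    [string]$User       = 'john'
)
$report = [ordered]@{ Computer = $env:COMPUTERNAME }

# 1. TCP reachability of the multiOTP server (the tcping check).
$report.TcpOpen = (Test-NetConnection -ComputerName $ServerHost -Port $ServerPort -WarningAction SilentlyContinue).TcpTestSucceeded

# 2. Is the config present, and did enabling debug/log create the log folder?
$report.IniPresent = Test-Path (Join-Path $InstallDir 'config\multiotp.ini')
$report.LogFolder  = Test-Path (Join-Path $InstallDir 'log')

# 3. Hash installed binaries so the failing PC can be diffed against a working one.
$report.Hashes = @(Get-ChildItem $InstallDir -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
    Get-FileHash -Algorithm SHA256 |
    ForEach-Object { '{0}  {1}' -f $_.Hash, $_.Path.Substring($InstallDir.Length) })

# 4. VC++ 2015-2022 runtime registration (assumed key location; both registry views are tried).
foreach ($arch in 'x86', 'x64') {
    $key = @("HKLM:\SOFTWARE\Microsoft\VisualStudio\14.0\VC\Runtimes\$arch",
             "HKLM:\SOFTWARE\WOW6432Node\Microsoft\VisualStudio\14.0\VC\Runtimes\$arch") |
        Where-Object { Test-Path $_ } | Select-Object -First 1
    $report["VCRedist_$arch"] = if ($key) { (Get-ItemProperty $key).Version } else { 'not registered' }
}

# 5. The maintainers' commands, with output captured as text.
$exe = Join-Path $InstallDir 'multiotp.exe'
if (Test-Path $exe) {
    $report.Version    = (& $exe -v 2>&1 | Out-String).Trim()
    $report.PhpVersion = (& $exe -php-version 2>&1 | Out-String).Trim()
    $otp    = Read-Host "Current OTP for $User"
    # Prompt for the secret instead of storing it in the script.
    $secret = [Net.NetworkCredential]::new('', (Read-Host 'Client/server secret' -AsSecureString)).Password
    # Arguments are passed as quoted strings so PowerShell hands them to the exe unchanged.
    $cli = '-debug', '-display-log', $User, $otp, '-server-timeout=10', '-server-cache-level=0',
           "-server-url=http://${ServerHost}:$ServerPort", "-server-secret=$secret"
    $report.ServerTest = (& $exe @cli 2>&1 | Out-String).Trim()
    $report.ExitCode   = $LASTEXITCODE
} else { $report.Version = 'multiotp.exe not found' }

# One JSON file per machine; check ServerTest for an echoed secret before sharing it.
$out = Join-Path $env:TEMP "multiotp-triage-$env:COMPUTERNAME.json"
$report | ConvertTo-Json -Depth 3 | Set-Content -Path $out -Encoding UTF8
Write-Output "Report written to $out"
```

Comparing the `Hashes` and `VCRedist_*` fields of the two reports shows whether the failing PC's installation differs from the working one.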