multiOTP / multiOTPCredentialProvider

multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
Apache License 2.0

TOTP authentication on workstation not working #98

Closed iron-comet closed 8 months ago

iron-comet commented 8 months ago

I have built a test environment for installing multiOTP to see how it works. At the moment I have a Proxmox hypervisor running the servers and workstations. I have verified all machines have networking to connect, as well as that the time is syncing throughout. I installed multiOTP in a Docker container inside of an Ubuntu VM on this Proxmox, which is bound to a domain controller VM on the same Proxmox machine. There is no issue between these two machines, and I can test the TOTP for the only user I have for testing on the multiOTP web service and confirm it works. The problem is that when I install the multiOTP credential provider on my workstation, which is a part of the domain controller's domain, I cannot authenticate the TOTP on that workstation. It locks me out of the PC each time I test it, and I have to completely restore the VM workstation and try again to see where I went wrong. I have tried multiple ways to get this to work with no luck at all.

multiOTP commented 8 months ago

Hello, when installing the credential provider, did you use the secret "ClientServerSecret"?

Best regards

iron-comet commented 8 months ago

Hi,

I installed it with the secret I set.

On the Docker container I ran: multiotp -config server-secret=1234

On the credential provider I used the same secret.

thanks,

multiOTP commented 8 months ago

Can you please activate the logs with the two commands:

run multiotp -config debug=1

run multiotp -config log=1

Then run multiotp -clearlog

Then try to log in. Then display the logs with the command: multiotp -showlog

What information do you have in the logs?

iron-comet commented 8 months ago

Here is the log:

root@e254cd63abe6:/# multiotp -showlog
2024-01-03 23:09:11 debug Debug Debug: 19 INFO: Requested operation successfully done 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:09:19 debug Debug Debug: 19 INFO: Requested operation successfully done 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:14:32 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:14:32 debug Debug Debug: 19 INFO: Requested operation successfully done 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for anonymous_stat_last_update was 1702667688 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for create_host was e254cd63abe6 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for last_update_host was e254cd63abe6 0 e254cd63abe6
2024-01-03 23:25:57 debug System Debug: ReadConfigData, stat value for encryption_hash was 99CCFC0D033729754B6BB4832FE786A1 0 e254cd63abe6
2024-01-03 23:25:57 debug Debug Debug: 19 INFO: Requested operation successfully done 0 e254cd63abe6
2

multiOTP commented 8 months ago

Hello, I cannot see in the log a line with an authentication request.

Is it possible to remotely connect to your system to check what is going on? Please contact us directly on support@multiotp.net and we will fix an appointment.

Best regards.
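The check described in the comment above (is there anything in the log besides configuration reads?) as an added example, not code from the multiOTP project or from either poster. The function name `triage_multiotp_log` and the sample input are constructed here; the two entry patterns it treats as noise are the ones visible in the log pasted in this thread.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of multiOTP): triage the output
# of `multiotp -showlog` so that anything other than configuration reads and
# CLI acknowledgements stands out.

# Timestamp shape used by the entries pasted in this thread.
TS='[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]'

triage_multiotp_log() {
  awk -v ts="$TS" '
    {
      # Pasted logs are often flattened onto one line; start a new
      # record in front of every timestamp before classifying.
      gsub((" " ts " "), "\n&")
      n = split($0, rec, "\n")
      for (i = 1; i <= n; i++) {
        line = rec[i]
        sub(/^ +/, "", line)
        if (line !~ ("^" ts " ")) continue   # shell prompt or truncated fragment
        if (line ~ /ReadConfigData, stat value for/) config++
        else if (line ~ /INFO: Requested operation successfully done/) cli_ok++
        else { other++; print "REVIEW: " line }
      }
    }
    END { printf "config=%d cli_ok=%d other=%d\n", config, cli_ok, other }
  '
}

# Constructed sample: a flattened excerpt shaped like the paste in this thread.
sample_log() {
  printf '%s ' \
    'root@host:/# multiotp -showlog' \
    '2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for create_time was 1702667263 0 e254cd63abe6' \
    '2024-01-03 23:09:19 debug System Debug: ReadConfigData, stat value for last_update was 1702667688 0 e254cd63abe6' \
    '2024-01-03 23:09:19 debug Debug Debug: 19 INFO: Requested operation successfully done 0 e254cd63abe6'
  printf '\n'
}

# On the server this would be: multiotp -showlog | triage_multiotp_log
sample_log | triage_multiotp_log
```

A result of `other=0` after a login attempt means the log holds only configuration reads and CLI acknowledgements, so the next place to look is the workstation side rather than the server.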

multiOTP commented 8 months ago

Installing the latest version of the credential provider and resetting the secret did the trick.