MaksaUniver
commented
1 year ago Log information:
Hosting environment: Production
Content root path: C:\inetpub\wwwroot\PassCore
Now listening on: http://reset.server.local:80/
Now listening on: https://reset.server.local:443/
Application started. Press Ctrl+C to shut down.
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://reset.server.local/ info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[6]
The file /index.html was not modifiedinfo: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 24.3604ms 304 text/htmlinfo: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://reset.server.local/api/password info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint 'Unosquare.PassCore.Web.Controllers.PasswordController.Get (Unosquare.PassCore.Web)'info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[3]
Route matched with {action = "Get", controller = "Password"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Get() on controller Unosquare.PassCore.Web.Controllers.PasswordController (Unosquare.PassCore.Web).info: Microsoft.AspNetCore.Mvc.Infrastructure.SystemTextJsonResultExecutor[1]
Executing JsonResult, writing value of type 'Unosquare.PassCore.Web.Models.ClientSettings'.info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[2]
Executed action Unosquare.PassCore.Web.Controllers.PasswordController.Get (Unosquare.PassCore.Web) in 21.8165msinfo: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint 'Unosquare.PassCore.Web.Controllers.PasswordController.Get (Unosquare.PassCore.Web)'info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 67.9911ms 200 application/json; charset=utf-8info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 POST https://reset.server.local/api/password application/json 132info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint 'Unosquare.PassCore.Web.Controllers.PasswordController.Post (Unosquare.PassCore.Web)'info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[3]
Route matched with {action = "Post", controller = "Password"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Post(Unosquare.PassCore.Web.Models.ChangePasswordModel) on controller Unosquare.PassCore.Web.Controllers.PasswordController (Unosquare.PassCore.Web).warn: Unosquare.PassCore.PasswordProvider.PasswordChangeProvider[0]
Using AutomaticContextinfo: Unosquare.PassCore.PasswordProvider.PasswordChangeProvider[0]
PerformPasswordChange for user user.name@server.localfail: Unosquare.PassCore.PasswordProvider.PasswordChangeProvider[888]
ValidateGroupsSystem.NullReferenceException: Object reference not set to an instance of an object.
at Unosquare.PassCore.PasswordProvider.PasswordChangeProvider.
at System.Linq.Enumerable.Any[TSource](IEnumerable1 source, Func2 predicate)
at Unosquare.PassCore.PasswordProvider.PasswordChangeProvider.ValidateGroups(UserPrincipal userPrincipal) in C:\Unosquare\passcore\src\Unosquare.PassCore.PasswordProvider\PasswordChangeProvider.cs:line 167
dbug: Unosquare.PassCore.PasswordProvider.PasswordChangeProvider[0]
ValidateUserCredentials GetLastWin32Error 1326warn: Unosquare.PassCore.PasswordProvider.PasswordChangeProvider[0]
The User principal password is not validinfo: Microsoft.AspNetCore.Mvc.Infrastructure.ObjectResultExecutor[1]
Executing ObjectResult, writing value of type 'Unosquare.PassCore.Web.Models.ApiResult'.info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[2]
Executed action Unosquare.PassCore.Web.Controllers.PasswordController.Post (Unosquare.PassCore.Web) in 613.7161msinf
PassCore Server
OS: Windows
PassCore version: 4.2.3 (We had some issues with 4.2.4 version)
Provider: Active Directory
Settings file (without sensitive information): "Logging": { "IncludeScopes": false, "LogLevel": { "Default": "Debug", "System": "Information", "Microsoft": "Information" } }, "WebSettings": { "EnableHttpsRedirect": true }, "AppSettings": { // The following options for AD Provider (remove if you don't use this Provider) "UseAutomaticContext": true "RestrictedADGroups": [] "AllowedADGroups": [] "IdTypeForUser": "UPN" "UpdateLastPassword": true // The following options are for LDAP Provider (remove if you don't use this Provider) //"LdapSearchBase": "", //"LdapSecureSocketLayer": false //"LdapStartTls": true //"LdapChangePasswordWithDelAdd": true, //"LdapSearchFilter": "(sAMAccountName={Username})" // General options (valid for both providers) "LdapHostnames": [ "my.domain" ] "LdapPort": 389 "LdapUsername": "" "LdapPassword": "" "DefaultDomain": "my.domain" // Set your default AD domain here, or non "@" logins will not work! Use empty value to allow user to set the domain. This option is ONLY available with UPN. }, "ClientSettings": { "ValidationRegex": { "EmailRegex": "^[a-zA-Z0-9.!#$%&’+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)$", "UsernameRegex": "^[a-zA-Z0-9._-]{3,20}$" }, "UsePasswordGeneration": false "MinimumDistance": 0 "PasswordEntropy": 16 "ShowPasswordMeter": true, "MinimumScore": 0 "Recaptcha": { "SiteKey": "" "PrivateKey": "" "LanguageCode": "en" },
Log file (without sensitive information):
Describe the bug When I intentionally enter wrong password in order to test PassCore since it's new installation, badPwdCount attribute value increments by 2, 3, or even 4 on every attempt. Problem is that it also automatically locks account.
To Reproduce Steps to reproduce the behavior:
Expected behavior badPwdCount attribute value should increment by 1.
Desktop (please complete the following information):