Win7Pro - Login failed

[wigbo]

Hi,

i can't login using multiOTP-CP.

My Environment:

• Windows 7 Pro
• Windows Server 2008
• ActiveDirectory (Domain functional levels 2008)
• AD User (and for testing also a local user)
• multiOTP 4.3.1.1 & multiOTP-CP 2.2.1

multiOTP is working on both sides. When i check multiOTP in command line everything is working.

multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:54     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:55     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:57     notice  otptest   User    Info: User otptest successfully logged in using an external server
2015-04-01 17:36:57     debug           Debug   Debug: 0 OK: Token accepted

But when i tried to login with multiOTP-CP i get the error:

You could not be authorized using the specified one-time-password.

In the debug log on client side:

========================================
multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:54     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:55     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:57     notice  otptest   User    Info: User otptest successfully logged in using an external server
2015-04-01 17:36:57     debug           Debug   Debug: 0 OK: Token accepted
2015-04-01 17:37:25     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:37:26     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:37:28     notice  otptest   User    Info: User otptest successfully logged in using an external server
2015-04-01 17:43:04     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:43:05     warning         System  Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:43:07     notice  otptest   User    Info: User otptest successfully logged in using an external server

On the server side:

multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:54     debug           Server-Client   Info: *CheckUserExists server request.
========================================
multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:54     debug           Server-Client   Info: *ReadUserData server request.
========================================
multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:55     debug           Server-Client   Info: *ReadUserData server request.
========================================
multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:56     debug           Server-Client   Info: *ReadUserData server request.
========================================
multiotp 4.3.1.1
Your script is running from C:\multiOTP\
2015-04-01 17:36:57     debug           Server-Client   Info: *CheckUserToken server request.
2015-04-01 17:36:57     notice  otptest   User    OK: User otptest successfully logged in

There is no difference for a local or AD user. Or if i set a default domain for multiOTP-CP.

Thanks!

[DominikPretzsch]

Hi,

thank you for your request.

Have you tried using an earlier version of multiOTP.exe? I'll discuss this
problem with the developers there at SysCo.

Cheers

Dominik Pretzsch

2015-04-15 17:17 GMT+02:00 wigbo [email protected]:

Hi,

i can't login using multiOTP-CP.

My Environment:

• Windows 7 Pro
• Windows Server 2008
• ActiveDirectory (Domain functional levels 2008)
• AD User (and for testing also a local user)
• multiOTP 4.3.1.1 & multiOTP-CP 2.2.1

multiOTP is working on both sides. When i check multiOTP in command line
everything is working.

multiotp 4.3.1.1
Your script is running from C:\multiOTP
2015-04-01 17:36:54 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:55 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:57 notice otptest User Info: User otptest successfully logged in using an external server
2015-04-01 17:36:57 debug Debug Debug: 0 OK: Token accepted

But when i tried to login with multiOTP-CP i get the error:

You could not be authorized using the specified one-time-password.

In the debug log on client side:

multiotp 4.3.1.1
Your script is running from C:\multiOTP
2015-04-01 17:36:54 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:55 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:36:57 notice otptest User Info: User otptest successfully logged in using an external server
2015-04-01 17:36:57 debug Debug Debug: 0 OK: Token accepted
2015-04-01 17:37:25 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:37:26 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:37:28 notice otptest User Info: User otptest successfully logged in using an external server
2015-04-01 17:43:04 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:43:05 warning System Error: database file C:\multiOTP\users\otptest.db for user otptest does not exist
2015-04-01 17:43:07 notice otptest User Info: User otptest successfully logged in using an external server

On the server side:

multiotp 4.3.1.1
Your script is running from C:\multiOTP\

2015-04-01 17:36:54 debug Server-Client Info: *CheckUserExists server request.

multiotp 4.3.1.1
Your script is running from C:\multiOTP\

2015-04-01 17:36:54 debug Server-Client Info: *ReadUserData server request.

multiotp 4.3.1.1
Your script is running from C:\multiOTP\

2015-04-01 17:36:55 debug Server-Client Info: *ReadUserData server request.

multiotp 4.3.1.1
Your script is running from C:\multiOTP\

2015-04-01 17:36:56 debug Server-Client Info: *ReadUserData server request.

multiotp 4.3.1.1
Your script is running from C:\multiOTP
2015-04-01 17:36:57 debug Server-Client Info: *CheckUserToken server request.
2015-04-01 17:36:57 notice otptest User OK: User otptest successfully logged in

There is no difference for a local or AD user. Or if i set a default
domain for multiOTP-CP.

Thanks!

—
Reply to this email directly or view it on GitHub
#7
.

Last Squirrel IT
Dominik Pretzsch

Humboldtstr. 2
09130 Chemnitz, Germany

USt-IdNr.: DE290444313

---

Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich
erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese
Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist
nicht
gestattet.

This email may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this email
in error) please notify the sender immediately and destroy this email.
Any unauthorized copying, disclosure or distribution of the material
in this email is strictly forbidden.

---

[wigbo]

Hi,

I've just checked that with version 4.2.4.2.
But still the same problem. Error message is also the same.

And then i tried an older version of multiOTP-CP 2.1.2-RC2. No change!

Thanks!

[DominikPretzsch]

Hi,

this is very strange. I already contacted my friends over there at SysCo,
but got no answer, yet.
I'll let you know as soon as we discussed the problem. Please be patient
and sorry, that you need to wait.

Best regards

Last Squirrel IT
Dominik Pretzsch

Humboldtstr. 2
09130 Chemnitz, Germany

USt-IdNr.: DE290444313

---

Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich
erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese
Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist
nicht
gestattet.

This email may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this email
in error) please notify the sender immediately and destroy this email.
Any unauthorized copying, disclosure or distribution of the material
in this email is strictly forbidden.

---

[wigbo]

Any news?

[jeffmcjunkin]

I'm having the same issue. I'm using local authentication on Windows 7 (the modern.ie VM - IE11 on Win7).

multiotp.exe works perfectly from the command line, but not via the CredentialProvider. So, no GUI login to Windows.

[DominikPretzsch]

Hey guys,

we are currently searching for the reason for this issues to happen with
our friends from SysCo. Thank you for your patience.

Dominik Pretzsch

2015-05-21 21:03 GMT+02:00 Jeff McJunkin [email protected]:

I'm having the same issue. I'm using local authentication on Windows 7
(the modern.ie VM - IE11 on Win7).

multiotp.exe works perfectly from the command line, but not via the
CredentialProvider. So, no GUI login to Windows.

—
Reply to this email directly or view it on GitHub
#7 (comment)
.

Last Squirrel IT
Dominik Pretzsch

Humboldtstr. 2
09130 Chemnitz, Germany

USt-IdNr.: DE290444313

---

Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich
erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese
Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist
nicht
gestattet.

This email may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this email
in error) please notify the sender immediately and destroy this email.
Any unauthorized copying, disclosure or distribution of the material
in this email is strictly forbidden.

---

[jeffmcjunkin]

I think the issue is with the Credential Provider. I was able to authenticate using my OTP using the prior release (mOTP-CP-2.1.2-RC2-x86-eng [1]). Google Authenticator works great.

[1] https://code.google.com/p/multi-one-time-password--credential-provider/downloads/detail?name=mOTP-CP-2.1.2-RC2-x86-eng.zip&can=2&q=

[DominikPretzsch]

Hi Jeff,

thank you for that hint. We'll have a look at this.

So in the meantime, please use 2.1.2-RC2.
Am 22.05.2015 00:10 schrieb "Jeff McJunkin" [email protected]:

I think the issue is with the Credential Provider. I was able to
authenticate using my OTP using the prior release
(mOTP-CP-2.1.2-RC2-x86-eng [1]). Google Authenticator works great.

[1]
https://code.google.com/p/multi-one-time-password--credential-provider/downloads/detail?name=mOTP-CP-2.1.2-RC2-x86-eng.zip&can=2&q=

—
Reply to this email directly or view it on GitHub
#7 (comment)
.

Last Squirrel IT
Dominik Pretzsch

Humboldtstr. 2
09130 Chemnitz, Germany

USt-IdNr.: DE290444313

---

Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich
erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese
Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist
nicht
gestattet.

This email may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this email
in error) please notify the sender immediately and destroy this email.
Any unauthorized copying, disclosure or distribution of the material
in this email is strictly forbidden.

---

[DominikPretzsch]

Still searching for the source of the fails on some PCs.
Maybe it depends on the behaviour of the installed antivirus software, when using "unknown" software - what the provider may be.

[afond]

Hi,

I had sames issues with all versions and well configured users.
I finally found what was going wrong.

Context:
-You could not be authorized using the specified one-time-password
or

• 80004005 error which is unexpected errors (some are expected ?)

Solution:
At multiOTP CP installation we must give multiotp path. I use to give the root path but you have to give the multiotp.exe path which is in windows subfolder of multiotp.

So a path like c:\multiotp\ is incorrect but c:\multiotp\windows\ is.

Hope this answer will help you.

Should be improved :

• a file exists check at installation
• a more versatile label
• a log entry in either windows log or multiotp log with no multiotp.exe found error
• add attempt in windows subfolder of user given path

I find this solution with question mark present on some versions, which refers to .exe file.

Best regards
Afond

PS: works on WIN10 too

[multiOTP]

Hello,

Please note that we have enhanced this MultiOneTimePassword-CredentialProvider thanks to various contributors, and it's now available in the multiOTP project (https://github.com/multiOTP/multiOTPCredentialProvider). We will do enhancements in this fork.

Regards,