offline login QR code

[Petrakis Andreas]

Hello, offline login doesn't work on windows10 on workgroup. The message is "You could not be authenticated. Offline login is not available for thiw user"

Any suggestions ?

 

[mar...@rcdevs.com]

Hello,

To make offline login works, you have to successfully execute one "Simple Push Online Login" with that user, at least.
Also, offline login should be enabled in RCDevs Windows Credential Provider configuration.
So, in order to get a bit more of understanding of Windows CP, I would recommend you to carefully read the doc below (if you haven't done it yet).

Link:

https://www.rcdevs.com/docs/howtos/openotp_cp/openotp_cp/

Best regards,

Marcus Duarte

[Petrakis Andreas]

Yes, it's working now. Its not very clear on documentation. You must register the otp token from user selfservice-desk not locally from webadm. 

Regards

[Yoann Traut]

Hello,

You right we would precise but tokens can be registered on a user account in many different ways with our solutions (through webadm admin, selfdesk, selfreg, helpdesk, Manager APIs...) We just show up one registration example in that doc but the most Important here is the online login before executing offline logins. 

When CP pass offline setting to OpenOTP during the first online login, OpenOTP sends back to CP an offline state (visible through the windows registry) which is required for offline otp validation by the CP. Each user account must have an entry in the registry to be able to login offline.

Regards

On 24 Aug 2020, at 20:09, Petrakis Andreas <petrak...@gmail.com> wrote:



--
You received this message because you are subscribed to the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rcdevs-technic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rcdevs-technical/943cd1f0-1a0d-49f3-822c-2d6943b769bdo%40googlegroups.com.

<rcd_offline_2.PNG>

[Petr Prochazka]

2 months back everything works fine. But I am not able allow for a new user offline login. Something change. 

New user logs online successfully with Push OTP then logoff. But when he try login offline a error appeared. "You could not be authenticated. Offline loging is not available for this user".

I double check registry if  OFFLINE_MODE=1. 

Maybe the issue could be with registry where OpenOTP is creating record during online login. But I do now know where to check it. We are using CredentialProvider v 1.2.010-x64.

Thank you very much for any idea how to make it working again.

Petr

Dne úterý 25. srpna 2020 v 4:53:27 UTC+2 uživatel Yoann Traut (RCDevs) napsal:

[Petr Prochazka]

I upgrade Windows Credential Provider to version 1.2.14 (x64) - doesn't help.

I added user into Administrator group - doesn't help.

No new user at computer is authorized to log in offline.

All existing users at computer can log in offline.

Dne pátek 8. října 2021 v 9:24:25 UTC+2 uživatel Petr Prochazka napsal:

[Yoann Traut (RCDevs)]

Hello, 

There is a new setting under OpenOTP server configuration which allow you to configure the validity of the offline state. 

That setting is the following  (screenshot attached) 

Please check you have that setting enable, otherwise the offline is not working anymore. 

I will ask to the dev team to enable it by default on the server side. 

Regards 

[Petr Prochazka]

You was right. The parametr "Windows Offline Login" was setup by default to "0". So I changed it to "360" and Offline login is available for users again. 

Thank you very much for your help.

Petr

Dne pondělí 11. října 2021 v 18:30:02 UTC+2 uživatel Yoann Traut (RCDevs) napsal:

[Petr Prochazka]

Could you please help me with another issue which is relatedy to change of "Windows Offiline Login"  parametr? Since the value is setup to "360" a  Push OTP is not working. No messages are deliver to phone. If I setup the parametr back to "0" notification works again. 

I am confused what to setup because or offline login does not work or Push OTP does not work.

Thank you 

Dne úterý 12. října 2021 v 10:05:35 UTC+2 uživatel Petr Prochazka napsal:

[Yoann Traut (RCDevs)]

Hello, 

Push login was interrupted 2 days ago because of an issue with our cloud provider (OVH).

Offline setting and the fact that a push notification is sent are not related.

Check now if it works, else provide us the WebADM logs for that OpenOTP authentication session (online login) 

Regards   

[Petr Prochazka]

I can confirm it is working again. So I must have been unlucky because when I tried it with value "360" it doesn't work and when I switched it back to "0" or disable it started works. 

Thank you very much for your help.

Petr

Dne pátek 15. října 2021 v 12:14:05 UTC+2 uživatel Yoann Traut (RCDevs) napsal: