Troubleshooting OpenOTP Plugin for RDWeb Gateway


phamhuynh...@gmail.com

Aug 27, 2020, 3:45:39 AM
to RCDevs Security Solutions - Technical

Hi all,
My environment :
WebADM : Centos 7 , RCDevs WebADM Server v2.0.0RC5 for Linux 64bit
internal domain : localdomain.local
external domain : mydomain.com
RDS server : Windows server 2016 Standard , joined domain , RD Web Access  ,  RD Gateway , RD Session Host , RD Connection Broker , RD Licensing installed on same server.

It works ok , from internet I can access :
https://rds.mydomain.com:8443/RDWEB/ (GeoTrust valid wildcard certificate *.mydomain.com , to avoid self signed certificate problems, I use port 8443 for HTTP Transport Setting on RDS)
login with : localdomain\myuser
I can remote to other internal server through my rds.mydomain.com from internet.

I followed the "Microsoft Remote Desktop Services & OpenOTP" documentation. I did "3. OpenOTP Plugin for RDWeb Installation" and installed OpenOTP-RDWeb (64 bit) 1.0.0.3 on the RDS server.
I haven't done "4. How to configure RDGateway with NPS and OpenOTP over RADIUS", configured NPS, or installed "radiusd" or  yet because they are for "Push Login" only, right ?
When I access https://rds.mydomain.com:8443/RDWEB/ and try to log in with
localdomain\myuser or localdomain.local\myuser, I get the error: "Authentication failed. Please contact your administrator for assistance". This is webadm.log:

[Thu Aug 27 14:13:37.015651 2020] [192.168.7.33] [OpenOTP:PW2MHM78] New openotpNormalLogin SOAP request
[Thu Aug 27 14:13:37.015732 2020] [192.168.7.33] [OpenOTP:PW2MHM78] > Username: myuser@localdomain
[Thu Aug 27 14:13:37.015745 2020] [192.168.7.33] [OpenOTP:PW2MHM78] > Domain: localdomain
[Thu Aug 27 14:13:37.015754 2020] [192.168.7.33] [OpenOTP:PW2MHM78] > Retry ID: 90c2975ba52945d38c1fc3482e60ce05
[Thu Aug 27 14:13:37.015763 2020] [192.168.7.33] [OpenOTP:PW2MHM78] > Settings: LockTimer=0
[Thu Aug 27 14:13:37.015770 2020] [192.168.7.33] [OpenOTP:PW2MHM78] > Options: -LDAP
[Thu Aug 27 14:13:37.015804 2020] [192.168.7.33] [OpenOTP:PW2MHM78] Registered openotpNormalLogin request
[Thu Aug 27 14:13:37.039811 2020] [192.168.7.33] [OpenOTP:PW2MHM78] User invalid or not found
[Thu Aug 27 14:13:37.039936 2020] [192.168.7.33] [OpenOTP:PW2MHM78] Sent failure response
[Thu Aug 27 14:14:05.101874 2020] [192.168.7.33] [OpenOTP:F0CENMD6] New openotpNormalLogin SOAP request
[Thu Aug 27 14:14:05.101924 2020] [192.168.7.33] [OpenOTP:F0CENMD6] > Username: myu...@localdomain.local
[Thu Aug 27 14:14:05.101934 2020] [192.168.7.33] [OpenOTP:F0CENMD6] > Domain: localdomain.local
[Thu Aug 27 14:14:05.101942 2020] [192.168.7.33] [OpenOTP:F0CENMD6] > Retry ID: 6c7431ad823d4b32a94ff1eb982ec33c
[Thu Aug 27 14:14:05.101948 2020] [192.168.7.33] [OpenOTP:F0CENMD6] > Settings: LockTimer=0
[Thu Aug 27 14:14:05.101964 2020] [192.168.7.33] [OpenOTP:F0CENMD6] > Options: -LDAP
[Thu Aug 27 14:14:05.101990 2020] [192.168.7.33] [OpenOTP:F0CENMD6] Registered openotpNormalLogin request
[Thu Aug 27 14:14:05.102588 2020] [192.168.7.33] [OpenOTP:F0CENMD6] Domain 'localdomain.local' not existing
[Thu Aug 27 14:14:05.102618 2020] [192.168.7.33] [OpenOTP:F0CENMD6] User invalid or not found
[Thu Aug 27 14:14:05.102665 2020] [192.168.7.33] [OpenOTP:F0CENMD6] Sent failure response

mar...@rcdevs.com

Aug 27, 2020, 3:58:24 AM
to RCDevs Security Solutions - Technical
Hello,

In case the user "myuser" appears in your webadm LDAP (in other words, he exists in webadm), you have to create an alias for domain "localdomain.local", so that webadm can find him.

In order to do that, go to 'Admin', then edit 'User domains'. There, add localdomain.local as 'domain alias':



Regards,
Marcus Duarte

phamhuynh...@gmail.com

Aug 27, 2020, 6:26:46 AM
to RCDevs Security Solutions - Technical
Thanks for your reply,
it works now. I will try to configure RDGateway with NPS and OpenOTP over RADIUS later.

phamhuynh...@gmail.com

Aug 28, 2020, 4:24:58 AM
to RCDevs Security Solutions - Technical
Today I tried "4. How to configure RDGateway with NPS and OpenOTP over RADIUS". (I ignored step "4.2 RDGateway Configuration" because I had my own RD CAP & RAP from when I set up RDGateway before, and they work fine.)
radiusd is installed, configured and started on the WebADM server.
When I try to test remote desktop through rdgateway from internet, the OpenOTP app asks for "approve/deny".
After choosing approve, it asks again, and again.
Remote desktop gets an error:
Remote Desktop can’t connect to the computer “192.168.7.34” for one of these reasons:
  1. Your user account is not authorized to access the RD Gateway “rds.mydomain.com:8443”
  2. Your computer is not authorized to access the RD Gateway “rds.mydomain.com:8443”
  3. You are using an incompatible authentication method (for example, the RD Gateway might be expecting a smart card but you provided a password
This is my Radius Bridge component log in debug mode:

(0) Received Access-Request Id 1 from 192.168.7.33:53649 (my rds server) to 192.168.0.36:1812 (my webadm radiusd server) length 127
(0)   Service-Type = Voice
(0)   User-Name = "localdomain\\myuser"
(0)   Called-Station-Id = "UserAuthType:PW"
(0)   MS-Machine-Name = "xxxxxxxxxx"
(0)   MS-Network-Access-Server-Type = Terminal-Server-Gateway
(0)   NAS-Port-Type = Virtual
(0)   Proxy-State = 0xfe80000000000000d40232e693a535ee00000019
(0) # Executing section authorize from file /opt/radiusd/lib/radiusd.ini
(0)   authorize {
(0) eap: No EAP-Message, not doing EAP
(0)     [eap] = noop
(0) pap: WARNING: No "known good" password found for the user.  Not setting Auth-Type
(0) pap: WARNING: Authentication will fail unless a "known good" password is available
(0)     [pap] = noop
(0)     [openotp] = ok
(0)   } # authorize = ok
(0) Found Auth-Type = OTP
(0) # Executing group from file /opt/radiusd/lib/radiusd.ini
(0)   Auth-Type OTP {
rlm_openotp: Found NPS Terminal-Server-Gateway request (password not requested)
rlm_openotp: Found client ID attribute with value ""
rlm_openotp: Found source IP attribute with value ""
rlm_openotp: Found device ID attribute with value ""
rlm_openotp: Found client IP attribute with value ""
rlm_openotp: Sending openotpNormalLogin request
--> I choose approve here
rlm_openotp: OpenOTP authentication succeeded
rlm_openotp: Reply message: Authentication success
rlm_openotp: Sending Access-Accept
(0)     [openotp] = ok
(0)   } # Auth-Type OTP = ok
(0) Login OK: [localdomain] (from client NPS port 0)
(0) Sent Access-Accept Id 1 from 192.168.0.36:1812 to 192.168.7.33:53649 length 0
(0)   Reply-Message := "Authentication success"
(0)   Proxy-State = 0xfe80000000000000d40232e693a535ee00000019
(0) Finished request
Waking up in 9.9 seconds.
--> here OpenOTP app asks for "approve/deny" again and again , I keep choosing approve
(1) Received Access-Request Id 2 from 192.168.7.33:53649 to 192.168.0.36:1812 length 127
(1)   Service-Type = Voice
(1)   User-Name = "localdomain\\myuser"
(1)   Called-Station-Id = "UserAuthType:PW"
(1)   MS-Machine-Name = "xxxxxxxxxx"
(1)   MS-Network-Access-Server-Type = Terminal-Server-Gateway
(1)   NAS-Port-Type = Virtual
(1)   Proxy-State = 0xfe80000000000000d40232e693a535ee0000001a
(1) # Executing section authorize from file /opt/radiusd/lib/radiusd.ini
(1)   authorize {
(1) eap: No EAP-Message, not doing EAP
(1)     [eap] = noop
(1) pap: WARNING: No "known good" password found for the user.  Not setting Auth-Type
(1) pap: WARNING: Authentication will fail unless a "known good" password is available
(1)     [pap] = noop
(1)     [openotp] = ok
(1)   } # authorize = ok
(1) Found Auth-Type = OTP
(1) # Executing group from file /opt/radiusd/lib/radiusd.ini
(1)   Auth-Type OTP {
rlm_openotp: Found NPS Terminal-Server-Gateway request (password not requested)
rlm_openotp: Found client ID attribute with value ""
rlm_openotp: Found source IP attribute with value ""
rlm_openotp: Found device ID attribute with value ""
rlm_openotp: Found client IP attribute with value ""
rlm_openotp: Sending openotpNormalLogin request
rlm_openotp: OpenOTP authentication succeeded
rlm_openotp: Reply message: Authentication success
rlm_openotp: Sending Access-Accept
(1)     [openotp] = ok
(1)   } # Auth-Type OTP = ok
(1) Login OK: [localdomain] (from client NPS port 0)
(1) Sent Access-Accept Id 2 from 192.168.0.36:1812 to 192.168.7.33:53649 length 0
(1)   Reply-Message := "Authentication success"
(1)   Proxy-State = 0xfe80000000000000d40232e693a535ee0000001a
(1) Finished request
Waking up in 5.0 seconds.
(2) Received Access-Request Id 3 from 192.168.7.33:53649 to 192.168.0.36:1812 length 127
(2)   Service-Type = Voice
(2)   User-Name = "localdomain\\myuser"
(2)   Called-Station-Id = "UserAuthType:PW"
(2)   MS-Machine-Name = "xxxxxxxxxxx"
(2)   MS-Network-Access-Server-Type = Terminal-Server-Gateway
(2)   NAS-Port-Type = Virtual
(2)   Proxy-State = 0xfe80000000000000d40232e693a535ee0000001b
(2) # Executing section authorize from file /opt/radiusd/lib/radiusd.ini
(2)   authorize {
(2) eap: No EAP-Message, not doing EAP
(2)     [eap] = noop
(2) pap: WARNING: No "known good" password found for the user.  Not setting Auth-Type
(2) pap: WARNING: Authentication will fail unless a "known good" password is available
(2)     [pap] = noop
(2)     [openotp] = ok
(2)   } # authorize = ok
(2) Found Auth-Type = OTP
(2) # Executing group from file /opt/radiusd/lib/radiusd.ini
(2)   Auth-Type OTP {
rlm_openotp: Found NPS Terminal-Server-Gateway request (password not requested)
rlm_openotp: Found client ID attribute with value ""
rlm_openotp: Found source IP attribute with value ""
rlm_openotp: Found device ID attribute with value ""
rlm_openotp: Found client IP attribute with value ""
rlm_openotp: Sending openotpNormalLogin request

mar...@rcdevs.com

Aug 31, 2020, 4:59:50 AM
to RCDevs Security Solutions - Technical
Hello,

Could you please tell us what you see in webadm logs for that transaction?

Best regards,
Marcus Duarte

phamhuynh...@gmail.com

Aug 31, 2020, 5:32:47 AM
to RCDevs Security Solutions - Technical
Yes, thank you

[Fri Aug 28 15:15:36.160073 2020] [127.0.0.1] [WebSrv] Using LDAP server 'LDAP Server top'
[Fri Aug 28 15:15:36.183873 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] New openotpNormalLogin SOAP request
[Fri Aug 28 15:15:36.183901 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] > Username: myuser
[Fri Aug 28 15:15:36.183910 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] > Domain: localdomain
[Fri Aug 28 15:15:36.183918 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] > Options: RADIUS,NOVOICE,-LDAP,-U2F
[Fri Aug 28 15:15:36.183948 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Registered openotpNormalLogin request
[Fri Aug 28 15:15:36.359187 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Resolved LDAP user: CN=Pham Huynh Minh Chuong,OU=Users,OU=ICT,OU=SGN,OU=Central Management,DC=localdomain,DC=local
[Fri Aug 28 15:15:36.359520 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Resolved LDAP groups: rdallowusers
[Fri Aug 28 15:15:36.362050 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Using SQL server 'SQL Server'
[Fri Aug 28 15:15:36.363151 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Using Session server 'Session Server'
[Fri Aug 28 15:15:36.363346 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Started transaction lock for user
[Fri Aug 28 15:15:36.363466 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found user fullname: myuser
[Fri Aug 28 15:15:36.363484 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found 1 user mobiles: xxxxxxxxx
[Fri Aug 28 15:15:36.363493 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found 1 user emails: myu...@mydomain.com
[Fri Aug 28 15:15:36.381067 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found 48 user settings: LoginMode=LDAPOTP,OTPType=TOKEN,PushLogin=Yes,ChallengeMode=Yes,ChallengeTimeout=90,OTPLength=6,MobileTimeout=30,EnableLogin=Yes,HOTPLookAheadWindow=25,TOTPTimeStep=30,TOTPTimeOffsetWindow=120,OCRASuite=OCRA-1:HOTP-SHA1-6:QN06-T1M,DeviceType=FIDO2,SMSType=Normal,SMSMode=Ondemand,MailMode=Ondemand,PrefetchExpire=10,LastOTPTime=300,ListChallengeMode=ShowID
[Fri Aug 28 15:15:36.381760 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found 5 user data: TokenType,TokenKey,TokenState,TokenID,TokenSerial
[Fri Aug 28 15:15:36.381872 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Found 1 registered OTP token (TOTP)
[Fri Aug 28 15:15:36.381908 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Requested login factors: OTP
[Fri Aug 28 15:15:36.382090 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Authentication challenge required
[Fri Aug 28 15:15:38.020041 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Cloud authentication success on cloud.rcdevs.com
[Fri Aug 28 15:15:38.401748 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Sent push notification for token #1
[Fri Aug 28 15:15:38.401802 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Waiting 26 seconds for mobile response
[Fri Aug 28 15:15:52.388751 2020] [192.168.0.24] [OpenOTP:RW1U1ANX] Received mobile authentication response from 192.168.0.24
[Fri Aug 28 15:15:52.388814 2020] [192.168.0.24] [OpenOTP:RW1U1ANX] > Session: f1lFw3XydvR5FXS2
[Fri Aug 28 15:15:52.388829 2020] [192.168.0.24] [OpenOTP:RW1U1ANX] > Password: 16 Bytes
[Fri Aug 28 15:15:52.388842 2020] [192.168.0.24] [OpenOTP:RW1U1ANX] Found authentication session started 2020-08-28 15:15:36
[Fri Aug 28 15:15:52.389012 2020] [192.168.0.24] [OpenOTP:RW1U1ANX] PUSH password Ok (token #1)
[Fri Aug 28 15:15:52.406358 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Updated user data
[Fri Aug 28 15:15:52.407364 2020] [127.0.0.1] [OpenOTP:RW1U1ANX] Sent login success response
[Fri Aug 28 15:15:52.461189 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] New openotpNormalLogin SOAP request
[Fri Aug 28 15:15:52.461225 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] > Username: myuser
[Fri Aug 28 15:15:52.461232 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] > Domain: localdomain
[Fri Aug 28 15:15:52.461239 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] > Options: RADIUS,NOVOICE,-LDAP,-U2F
[Fri Aug 28 15:15:52.461258 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Registered openotpNormalLogin request
[Fri Aug 28 15:15:52.461557 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Resolved LDAP user: CN=Pham Huynh Minh Chuong,OU=Users,OU=ICT,OU=SGN,OU=Central Management,DC=localdomain,DC=local (cached)
[Fri Aug 28 15:15:52.461863 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Resolved LDAP groups: rdallowusers
[Fri Aug 28 15:15:52.465875 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Started transaction lock for user
[Fri Aug 28 15:15:52.474370 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found user fullname: myuser
[Fri Aug 28 15:15:52.474415 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found 1 user mobiles: xxxxxxxxxx
[Fri Aug 28 15:15:52.474433 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found 1 user emails: myu...@mydomain.com
[Fri Aug 28 15:15:52.475475 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found 48 user settings: LoginMode=LDAPOTP,OTPType=TOKEN,PushLogin=Yes,ChallengeMode=Yes,ChallengeTimeout=90,OTPLength=6,MobileTimeout=30,EnableLogin=Yes,HOTPLookAheadWindow=25,TOTPTimeStep=30,TOTPTimeOffsetWindow=120,OCRASuite=OCRA-1:HOTP-SHA1-6:QN06-T1M,DeviceType=FIDO2,SMSType=Normal,SMSMode=Ondemand,MailMode=Ondemand,PrefetchExpire=10,LastOTPTime=300,ListChallengeMode=ShowID
[Fri Aug 28 15:15:52.476673 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found 5 user data: TokenType,TokenKey,TokenState,TokenID,TokenSerial
[Fri Aug 28 15:15:52.476833 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Found 1 registered OTP token (TOTP)
[Fri Aug 28 15:15:52.476897 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Requested login factors: OTP
[Fri Aug 28 15:15:52.477126 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Authentication challenge required
[Fri Aug 28 15:15:52.887981 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Sent push notification for token #1
[Fri Aug 28 15:15:52.888029 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Waiting 28 seconds for mobile response
[Fri Aug 28 15:15:57.346487 2020] [192.168.0.24] [OpenOTP:LKPTPVXX] Received mobile authentication response from 192.168.0.24
[Fri Aug 28 15:15:57.346560 2020] [192.168.0.24] [OpenOTP:LKPTPVXX] > Session: KcSTsXhMKig1v6au
[Fri Aug 28 15:15:57.346576 2020] [192.168.0.24] [OpenOTP:LKPTPVXX] > Password: 16 Bytes
[Fri Aug 28 15:15:57.346590 2020] [192.168.0.24] [OpenOTP:LKPTPVXX] Found authentication session started 2020-08-28 15:15:52
[Fri Aug 28 15:15:57.346755 2020] [192.168.0.24] [OpenOTP:LKPTPVXX] PUSH password Ok (token #1)
[Fri Aug 28 15:15:57.365421 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Updated user data
[Fri Aug 28 15:15:57.371903 2020] [127.0.0.1] [OpenOTP:LKPTPVXX] Sent login success response
[Fri Aug 28 15:15:57.429703 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] New openotpNormalLogin SOAP request
[Fri Aug 28 15:15:57.429752 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] > Username: myuser
[Fri Aug 28 15:15:57.429768 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] > Domain: localdomain
[Fri Aug 28 15:15:57.429784 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] > Options: RADIUS,NOVOICE,-LDAP,-U2F
[Fri Aug 28 15:15:57.429823 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Registered openotpNormalLogin request
[Fri Aug 28 15:15:57.430357 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Resolved LDAP user: CN=Pham Huynh Minh Chuong,OU=Users,OU=ICT,OU=SGN,OU=Central Management,DC=localdomain,DC=local (cached)
[Fri Aug 28 15:15:57.431006 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Resolved LDAP groups: rdallowusers
[Fri Aug 28 15:15:57.436008 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Started transaction lock for user
[Fri Aug 28 15:15:57.446013 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found user fullname: myuser
[Fri Aug 28 15:15:57.446057 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found 1 user mobiles: xxxxxxxxxx
[Fri Aug 28 15:15:57.446077 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found 1 user emails: myu...@mydomain.com
[Fri Aug 28 15:15:57.447118 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found 48 user settings: LoginMode=LDAPOTP,OTPType=TOKEN,PushLogin=Yes,ChallengeMode=Yes,ChallengeTimeout=90,OTPLength=6,MobileTimeout=30,EnableLogin=Yes,HOTPLookAheadWindow=25,TOTPTimeStep=30,TOTPTimeOffsetWindow=120,OCRASuite=OCRA-1:HOTP-SHA1-6:QN06-T1M,DeviceType=FIDO2,SMSType=Normal,SMSMode=Ondemand,MailMode=Ondemand,PrefetchExpire=10,LastOTPTime=300,ListChallengeMode=ShowID
[Fri Aug 28 15:15:57.448331 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found 5 user data: TokenType,TokenKey,TokenState,TokenID,TokenSerial
[Fri Aug 28 15:15:57.448471 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Found 1 registered OTP token (TOTP)
[Fri Aug 28 15:15:57.448511 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Requested login factors: OTP
[Fri Aug 28 15:15:57.448732 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Authentication challenge required
[Fri Aug 28 15:15:57.932412 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Sent push notification for token #1
[Fri Aug 28 15:15:57.932468 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Waiting 28 seconds for mobile response
[Fri Aug 28 15:16:25.979609 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Started OTP authentication session of ID k27X8ibpRtRnE788 valid for 90 seconds

mar...@rcdevs.com

Sep 4, 2020, 11:39:08 AM
to RCDevs Security Solutions - Technical
At this part, it seems the push notification was sent to your mobile but there wasn't any reply. Did you get the push notification?

[Fri Aug 28 15:15:57.932412 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Sent push notification for token #1
[Fri Aug 28 15:15:57.932468 2020] [127.0.0.1] [OpenOTP:2IEQGMLP] Waiting 28 seconds for mobile response

Regards,
Marcus Duarte

phamhuynh...@gmail.com

Sep 5, 2020, 11:58:13 AM
to RCDevs Security Solutions - Technical
Yes, I got the push notification on my mobile app, I chose "approve" but it keeps asking again and again.

mar...@rcdevs.com

Sep 7, 2020, 6:27:12 AM
to RCDevs Security Solutions - Technical
Hello,

It could be the case your user does not have access to RDGW or the timeout is too short.
By default, the timeout is 5 seconds in the NPS server. Please, change that to 30 seconds or higher.




After the change, restart the NPS server to make sure it works.



Best regards,
Marcus Duarte
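
The timeout mismatch described in this reply can be checked from webadm.log. The following is an added example, not part of the thread and not RCDevs code: it parses lines in the log format quoted above, lists OpenOTP sessions answered later than the RADIUS client timeout (5 and 30 seconds are the values named in the reply), and counts push prompts per user. The sample log, session IDs, user names and function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the webadm.log line format quoted in this thread;
# session IDs, user names and timings are invented for the example.
SAMPLE_LOG = """\
[Fri Aug 28 10:00:00.100000 2020] [127.0.0.1] [OpenOTP:AAAA1111] New openotpNormalLogin SOAP request
[Fri Aug 28 10:00:00.100100 2020] [127.0.0.1] [OpenOTP:AAAA1111] > Username: alice
[Fri Aug 28 10:00:01.200000 2020] [127.0.0.1] [OpenOTP:AAAA1111] Sent push notification for token #1
[Fri Aug 28 10:00:14.300000 2020] [127.0.0.1] [OpenOTP:AAAA1111] Sent login success response
[Fri Aug 28 10:00:14.400000 2020] [127.0.0.1] [OpenOTP:BBBB2222] New openotpNormalLogin SOAP request
[Fri Aug 28 10:00:14.400100 2020] [127.0.0.1] [OpenOTP:BBBB2222] > Username: alice
[Fri Aug 28 10:00:15.000000 2020] [127.0.0.1] [OpenOTP:BBBB2222] Sent push notification for token #1
[Fri Aug 28 10:00:18.400000 2020] [127.0.0.1] [OpenOTP:BBBB2222] Sent login success response
[Fri Aug 28 10:00:18.500000 2020] [127.0.0.1] [OpenOTP:CCCC3333] New openotpNormalLogin SOAP request
[Fri Aug 28 10:00:18.500100 2020] [127.0.0.1] [OpenOTP:CCCC3333] > Username: alice
[Fri Aug 28 10:00:19.000000 2020] [127.0.0.1] [OpenOTP:CCCC3333] Sent push notification for token #1
[Fri Aug 28 10:05:00.000000 2020] [127.0.0.1] [OpenOTP:DDDD4444] New openotpNormalLogin SOAP request
[Fri Aug 28 10:05:00.000100 2020] [127.0.0.1] [OpenOTP:DDDD4444] > Username: bob
[Fri Aug 28 10:05:00.500000 2020] [127.0.0.1] [OpenOTP:DDDD4444] Sent push notification for token #1
[Fri Aug 28 10:05:03.000000 2020] [127.0.0.1] [OpenOTP:DDDD4444] Sent login success response
"""

LINE_RE = re.compile(r"^\[([^\]]+)\] \[[^\]]+\] \[OpenOTP:(\w+)\] (.*)$")
EVENTS = {"New openotpNormalLogin": "start", "Sent push notification": "push",
          "Sent login success": "end", "Sent failure": "end"}

def parse_sessions(text):
    """Group lines by OpenOTP session ID; keep user name and key timestamps."""
    sessions = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an OpenOTP session line (e.g. WebSrv)
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S.%f %Y")
        s, msg = sessions.setdefault(m.group(2), {}), m.group(3)
        if msg.startswith("> Username: "):
            s["user"] = msg.split(": ", 1)[1]
        for prefix, key in EVENTS.items():
            if msg.startswith(prefix):
                s[key] = ts
    return sessions

def late_sessions(sessions, client_timeout_s):
    """(sid, user, seconds) answered after the client timeout; None = no answer logged."""
    late = []
    for sid, s in sessions.items():
        if "start" not in s:
            continue  # excerpt began mid-session, duration unknown
        took = (s["end"] - s["start"]).total_seconds() if "end" in s else None
        if took is None or took > client_timeout_s:
            late.append((sid, s.get("user"), took))
    return late

def pushes_per_user(sessions):
    """Number of push prompts each user received in the parsed excerpt."""
    return dict(Counter(s.get("user") for s in sessions.values() if "push" in s))
```

A user with several pushes in a row and sessions listed by `late_sessions` at the configured timeout matches the symptom in this thread; the same per-user push count is also worth alerting on, since repeated prompts train users to approve without looking.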

phamhuynh...@gmail.com

Sep 7, 2020, 9:48:50 PM
to RCDevs Security Solutions - Technical
Yes! It works now. I left these settings as default so they are too short, thank you very much.