to RCDevs Security
When logging in via RDP, OpenOTP adds the FQDN name of the Windows domain to the user name and reports that the password and login are incorrect. I have to manually enter the correct name.
For example: NETBIOS domain name: DOMAIN; FQDN: ad.domain.com; Username: user
When logging in, I get a message that the password and login are incorrect. I enter them manually and see that the login input field has the wrong name - ad.domain.com\user instead of DOMAIN\user.
Where is this behavior configured?
Yoann Traut (RCDevs)
Mar 3, 2025, 6:08:22 AM
Hello,
In your WebADM Domain object, just configure ad.domain.com as a Domain Name Alias.
WebADM GUI > Admin > User Domain > DOMAIN_NAME > CONFIGURE > Domain Name Alias. It should solve your issue.
Regards
Ilia Nastenko
Mar 3, 2025, 11:24:54 AM
I did this and it didn't work. That would be too easy. Maybe I need to restart the server services or configure the credential provider in a special way?
Monday, March 3, 2025 at 14:08:22 UTC+3, Yoann Traut (RCDevs):
Spyridon Gouliarmis (RCDevs)
Mar 3, 2025, 11:33:45 AM
Normally there is no need to restart the webadm service when changing any LDAP-stored config (such as user domains or client policies), and the CP loads its configuration from the registry every time it is run.
Do the webadm.log lines that correspond to your login attempt report that WebADM refuses the login (in which case you continue adding config to the WebADM/OpenOTP side), or do they report a success? If the latter, Windows itself was not happy with the credentials it got, and you might need the CP log to figure out what happened: https://docs.rcdevs.com/howtos/openotp_cp/openotp_cp/#871-enable-debug-logs
Ilia Nastenko
Mar 4, 2025, 2:58:37 AM
I was careless and specified the NETBIOS domain name as an alias. And I needed to specify the FQDN. And although I can't explain it logically (why the real name is specified as an alias) - it seems to work.
Monday, March 3, 2025 at 19:33:45 UTC+3, Spyridon Gouliarmis (RCDevs):