Windows Credential Provider - lose registery settings if change settings
182 views
Skip to first unread message
Ashley Nichols
Feb 14, 2018, 7:37:55 PM2/14/18
to RCDevs Security Solutions - Technical
I am testing WebADM and Windows Credential Provider on Windows 10 x64 for MFA. When I install the credential provider the first time without being the default provider, everything is working well. I can login using the windows standard login or the WebADM plugin.
Once this is tested and working, I go to windows --> settings --> apps & features --> OpenOTP
Then Modify Settings
Install "Default Provider"
Keep all the same settings
Log out, log back in and get the error "Can not Initialize Endpoint".
The webadm.log on the server does not show any connection attempt.
Rebooting in windows safemode, you cannot use the Windows Installer so I go to REGEDIT and go to "HKEY_LOCAL_MACHINE/SOFTWARE/RCDevs/OpenOTP-CP"
The settings are lost.
The CA file and server_url are both blank.
Editing the CA file location and adding the server_url back, then rebooting into normal mode re-enables the credential provider and everything works.
Is there another way to modify the settings, or can that only be done via REGEDIT? I am concerned about installing the credential provider as the default provider without validating that it works on a few machines and ran into this problem.
Is Windows 10 fully supported?
Once this is tested and working, I go to windows --> settings --> apps & features --> OpenOTP
Then Modify Settings
Install "Default Provider"
Keep all the same settings
Log out, log back in and get the error "Can not Initialize Endpoint".
The webadm.log on the server does not show any connection attempt.
Rebooting in windows safemode, you cannot use the Windows Installer so I go to REGEDIT and go to "HKEY_LOCAL_MACHINE/SOFTWARE/RCDevs/OpenOTP-CP"
The settings are lost.
The CA file and server_url are both blank.
Editing the CA file location and adding the server_url back, then rebooting into normal mode re-enables the credential provider and everything works.
Is there another way to modify the settings, or can that only be done via REGEDIT? I am concerned about installing the credential provider as the default provider without validating that it works on a few machines and ran into this problem.
Is Windows 10 fully supported?
francois...@rcdevs.com
Feb 19, 2018, 2:15:44 AM2/19/18
to RCDevs Security Solutions - Technical
Hi Ashley,
What is the version of the credential provider and what is the user who launch the credential provider setup?
You can also define it as default credential provider with these powershell commands:
New-Item -Path "HKLM:/SOFTWARE/Microsoft/Windows/CurrentVersion/Authentication/Credential Provider Filters/{5AE8C610-7541-4FF8-9845-C363410D574C}" -Force
Set-ItemProperty -Path "HKLM:/SOFTWARE/Microsoft/Windows/CurrentVersion/Authentication/Credential Provider Filters/{5AE8C610-7541-4FF8-9845-C363410D574C}" -name '(Default)' -Value OpenOTPCredentialProviderFilter
Ashley Nichols
Feb 25, 2018, 7:53:25 AM2/25/18
to RCDevs Security Solutions - Technical
We are using WebADM version 1.6.1-1 and Credential Provider 1.2.0-2-x64 on Windows 10 Enterprise fully updated. Credential Provider was installed using a Domain Admin account.
Yoann Traut (RCDevs)
Mar 26, 2018, 10:18:31 AM3/26/18
to RCDevs Security Solutions - Technical
Did you install the CP with the exe file or msi file ?
Regards
Reply all
Reply to author
Forward
0 new messages