OpenOTP deployment in Docker on WSL with Active Directory integration

Любомир Фальфушинський

Sep 26, 2025, 4:28:39 AM
to RCDevs Security

Good day!

I have a problem. I installed OpenOTP in Docker on WSL on a Windows Server host. During the setup, I followed a video tutorial, although it already differs significantly from the installation process for the current version of the product.

I tried specifying the correct domain user credentials during installation, edited the servers configuration file, and also tested the connection to Active Directory through the LDAP container (the connection works). However, in the end, when it comes to logging in to the WebADM portal, with installation option 3 I can log in using a domain admin group account, but I cannot perform any action despite the fact that I can see the AD tree. With installation option 4 I cannot log in at all, and the portal shows that the user is not authorized.

I cannot figure out whether I am misconfiguring the system, or if the system is incorrectly interpreting the user’s CN and DN values when installing, or if there is some other issue. Maybe, just maybe, there is a superuser that does not depend on the installed options. I kindly ask for your help in resolving this problem, as I'm in a situation where my manager wants either results or my blood, and I’ve been working on this topic for a month and am still trying to break through without a result.

For reference, my credentials are: domain lc.utel.local, users from the Administrators and Domain Admins groups — Administrator and webadm_proxy (both are in both groups). The Windows Server host IP address is 10.20.20.15, with ports forwarded as 8445:443, 8443:8443, 389:389, 3306:3306, 4000:4000, 5000:5000.

I was lucky to come across a product that enables MFA for Winlogon in an offline environment, but I am terribly short on time and afraid I won’t manage to meet the deadlines.

Yoann Traut (RCDevs)

Sep 26, 2025, 4:48:17 AM
to RCDevs Security

Hello,

The video tutorials were created a few years ago and are no longer up to date.
Based on the information you provided, it’s a bit difficult to move forward and assist you with your issue.

Please note that WebADM/OpenOTP in an air-gapped environment requires an enterprise license. Our sales team contacted you in mid-September to provide information, but it seems you did not reply. Kindly respond to our sales team, and we can then arrange a technical call to help move your setup forward.

Regards,
