OTP Credentials not working on RDP Sessions but does at normal login
SITC
I have installed OTPCredential provider for windows on our RDS server. It correctly requires the OTP at the desktop login screen, however, it is not requiring the OTP during RDS server remote logins.
What step did I miss here?
Thanks in advance!
Yoann Traut (RCDevs)
Sean Pennington
So in order for OTP Auth to work using RDS I must have the OTPCP installed on my local PC?
If that’s the case then that will essentially make it so that an RDS connection using the Microsoft remote desktop connection app on my cell phone would not work. Is that correct?
Best Regards,
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.
|
||||||||||||||
|
||||||||||||||
|
Sean Pennington
Yoann,
Disregard my last post, it appears that as the default provider it does require the login regardless, however, when logging in it only allows login, and then it seems to go to an endless please wait, until it finally kicks me back to the Ctrl-Alt-Delete screen for login again.
What’s going on here?
|
||||||
|
|
|
--
Yoann Traut (RCDevs)
Yoann Traut (RCDevs)
Sean Pennington
Yes, I hit ctrl-alt-del and it shows the rcdev logo, and asks for username\password, after entering both it says please wait….
After a time it goes back to the ctrl-alt-del screen and the process then must start again, but it does not take me to the otp request screen or the desktop.
I did change the installation so the it was the default CP. That is when I stopped being able to login.
Best Regards,
From: rcdevs-t...@googlegroups.com [mailto:rcdevs-t...@googlegroups.com] On Behalf Of Yoann Traut (RCDevs)
Sent: Friday, October 13, 2017 9:11 AM
To: RCDevs Security Solutions - Technical <rcdevs-t...@googlegroups.com>
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.
Yoann Traut (RCDevs)
Sean Pennington
Okay, well I had changed it to use OTPCP as the default credential provider.
I login with my user name, and the OTP password, NOT my LDAP password. It says please wait and eventually times out. What could I be missing at this point?
Best Regards,
From: rcdevs-t...@googlegroups.com [mailto:rcdevs-t...@googlegroups.com]
On Behalf Of Yoann Traut (RCDevs)
Sent: Friday, October 13, 2017 9:24 AM
To: RCDevs Security Solutions - Technical <rcdevs-t...@googlegroups.com>
Subject: Re: [RCDevs Technical] Re: OTP Credentials not working on RDP Sessions but does at normal login
Sorry, CP installation is not mandatory on your local machine... You can use the default Credential provider through rdp tool and LDAP credential will be play on the remote server, and normally you just have to enter the OTP when the remote session start.
Regards
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.
Yoann Traut (RCDevs)
Hello,
Sean Pennington
Lol, okay, that may have created a problem. I have the OTPCP setup only for only the otp (simple), so what do I have to do to fix this as otpcp is the default CP currently?
Once I can get into the install I think I understand to select normal mode next time through, but I have to get to that point, one more pointer in the right direction would be great! Thank you for your assistance and patience, this has been a very unique and fun experience thus far for me.
Best Regards,
From: rcdevs-t...@googlegroups.com [mailto:rcdevs-t...@googlegroups.com]
On Behalf Of Yoann Traut (RCDevs)
Sent: Friday, October 13, 2017 11:28 AM
To: RCDevs Security Solutions - Technical <rcdevs-t...@googlegroups.com>
Subject: Re: [RCDevs Technical] Re: OTP Credentials not working on RDP Sessions but does at normal login
Hello,
You can not use the login mode OTP only on Windows... Windows have to check your LDAP password
Regards
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.
|
||||||
|
|
Yoann Traut (RCDevs)
Sean Pennington
Okay, then we’re back to the same problem where the server says please wait, and then eventually returns to the ctrl-alt-del screen and never gets to the 2nd page for OTP.
I have the gateway serverworking properly, but not the RDS server. Unfortunately the RDS I need working more than the gateway. But this doe slead me to believe that the RDS may have had something go goofy during the OTPCP install. So the next question is how do I remove OTPCP off of the RDS server so that I can try re-installing it since I can’t login during normal bootup, and safe mode doesn’t allow uninstall?
Best Regards,
From: rcdevs-t...@googlegroups.com [mailto:rcdevs-t...@googlegroups.com]
On Behalf Of Yoann Traut (RCDevs)
Sent: Friday, October 13, 2017 11:44 AM
To: RCDevs Security Solutions - Technical <rcdevs-t...@googlegroups.com>
Subject: Re: [RCDevs Technical] Re: OTP Credentials not working on RDP Sessions but does at normal login
Simple Mode & Normal Mode in the CP installation are not the settings for authentication policy OTP only or LDAP OTP.
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.
Yoann Traut (RCDevs)
Sean Pennington
That’s great, and will help someone else I’m sure as it answers my question very well.
I searched a little in the forums and found this:
Essentially I just fixed the issue with opening safe mode and editing the register entry located under: HKLM\Software\RCDEVS\OpenOTP-CP\
Ca_file: C:\Program Files\RCDevs\OpenOTP Credential Provider\ca.crt
Server_url: https://192.168.x.x:8443/openotp
When I looked in the registry it had the ca and server keys blank. Once I set them to the above and rebooted into normal mode everything works as intended. Even have the company logo showing rather than RCdev logo.
It’s a beautiful thing!
Thank you very much for all your help, this has me right where I want us to be!
Best Regards,
From: rcdevs-t...@googlegroups.com [mailto:rcdevs-t...@googlegroups.com]
On Behalf Of Yoann Traut (RCDevs)
Sent: Friday, October 13, 2017 12:17 PM
To: RCDevs Security Solutions - Technical <rcdevs-t...@googlegroups.com>
Subject: Re: [RCDevs Technical] Re: OTP Credentials not working on RDP Sessions but does at normal login
boot in safe mode and in system32 you will find OpenOTPCredentialProvider.dll.
Rename the dll, reboot and your are able to logon on with the default windows CP.
Regards
--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/rcdevs-technical/m3cu5AvvDQc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
rcdevs-technic...@googlegroups.com.
To post to this group, send email to
rcdevs-t...@googlegroups.com.
Visit this group at https://groups.google.com/group/rcdevs-technical.
For more options, visit https://groups.google.com/d/optout.