Topic: [Solved] LDAP + TOTP authentication failure (Read 18311 times)
CraigS
Re: LDAP + TOTP authentication failure (Reply #30 on: August 12, 2020, 08:54:41 pm)
Hi mimugmail,
So I set both the local user and the ldap user's otp seed to be the same.
Google authenticator shows the same otp for both users.
local+totp works 100%
ldap+totp fails.
Just ldap works 100%
I would think the totp token is not the problem.
ntpd.log shows this but local+totp still works:
Aug 12 21:09:10 pta-vpn1-2fa ntpd[27650]: ntpd exiting on signal 15 (Terminated)
Aug 12 21:09:10 pta-vpn1-2fa ntpd[27650]: 146.64.x.x local addr 146.64.x.x -> <null>
Aug 12 21:09:10 pta-vpn1-2fa ntpd[27650]: 146.64.x.x local addr 146.64.x.x -> <null>
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: ntpd 4.2.8p15@1.3728-o Tue Jul 28 02:25:36 UTC 2020 (1): Starting
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: Command line: /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntpd.pid
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: ----------------------------------------------------
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: ntp-4 is maintained by Network Time Foundation,
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: corporation. Support and training for ntp-4 are
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: available at https://www.nwtime.org/support
Aug 12 21:09:10 pta-vpn1-2fa ntpd[57512]: ----------------------------------------------------
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: proto: precision = 0.978 usec (-20)
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: basedate set to 2020-07-16
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: gps base set to 2020-07-19 (week 2115)
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: restrict: 'monitor' cannot be disabled while 'limited' is enabled
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen and drop on 0 v6wildcard [::]:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen normally on 2 vmx0 146.64.x.x:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen normally on 3 vmx0 [fe80::250:56ff:fe9a:d3b8%1]:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen normally on 4 lo0 [::1]:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listen normally on 5 lo0 127.0.0.1:123
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: Listening on routing socket on fd #26 for interface updates
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Aug 12 21:09:10 pta-vpn1-2fa ntpd[19912]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Last Edit: August 12, 2020, 09:11:57 pm by CraigS
mimugmail
Re: LDAP + TOTP authentication failure (Reply #31 on: August 12, 2020, 09:55:45 pm)
The only thing I can offer is that you come to IRC in late August and I have a quick view via TeamViewer.
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
CraigS
Re: LDAP + TOTP authentication failure (Reply #32 on: August 31, 2020, 04:07:28 pm)
Hi mimugmail,
Apologies for the late reply.
I am busy purchasing a business subscription and support hours for this and a few more issues.
Will give feedback when I know what the heck is going on, even if I was flatheaded.
Thank you very much for trying to help.
Regards,
Craig.
mimugmail
Re: LDAP + TOTP authentication failure (Reply #33 on: August 31, 2020, 04:25:07 pm)
I'm quite sure the guys will find it.
CraigS
Re: LDAP + TOTP authentication failure (Reply #34 on: October 22, 2020, 10:47:34 am)
Hi Mimugmail,
So the entire issue was because our LDAP is case sensitive.
I was using cstrydom instead of CStrydom to log in.
Ad looked and tested for a while and came up with that brilliant deduction.
I would never have thought about it.
Regards,
Craig.
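
Added example, not part of the thread and not OPNsense code: an RFC 6238 TOTP check showing the reasoning in reply #30 (one seed gives the same code for any account, and a small clock offset is absorbed by the verification window) and the finding in reply #34 (the token was valid, the username's case decided the result). The exact-case seed store, the seed value and the function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, struct

def totp(seed_b32, now, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) for a base32 seed at Unix time `now`."""
    key = base64.b32decode(seed_b32, casefold=True)
    counter = struct.pack(">Q", max(int(now), 0) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_totp(seed_b32, code, now, window=1, step=30):
    """Accept codes from `window` steps either side to absorb clock drift."""
    return any(hmac.compare_digest(totp(seed_b32, now + i * step, step), code)
               for i in range(-window, window + 1))

# Constructed sample data: the RFC 6238 test key "12345678901234567890" in base32.
SEED = base64.b32encode(b"12345678901234567890").decode()
# Hypothetical seed store keyed by the exact-case username (assumption).
SEEDS = {"CStrydom": SEED}

def login(username, code, now, case_sensitive=True):
    """Return (ok, reason) so a failed lookup is distinguishable from a bad token."""
    if case_sensitive:
        seed = SEEDS.get(username)
    else:
        folded = {name.casefold(): s for name, s in SEEDS.items()}
        seed = folded.get(username.casefold())
    if seed is None:
        return False, "user-not-found"
    if not verify_totp(seed, code, now):
        return False, "bad-token"
    return True, "ok"

if __name__ == "__main__":
    now = 59                                     # RFC 6238 test time
    code = totp(SEED, now)                       # same seed -> same code for any account
    for name in ("CStrydom", "cstrydom"):
        print(name, login(name, code, now))
    print("20 s clock skew:", login("CStrydom", code, now + 20))
```

Returning a reason alongside the result is what separates "user not found" from "bad token" in the logs, which is the distinction that was missing while the token was under suspicion.
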
mimugmail
Re: [Solved] LDAP + TOTP authentication failure (Reply #35 on: October 22, 2020, 12:13:19 pm)
Really? Wasn't it the case that OPN didn't even try an initial LDAP connection?