If you want to subscribe to this forum, use your Facebook account, or send us an email to forum - at - multiotp - dot - net and we will send you back an invitation.
AD-LDAP user not working until CLI login
I have everything set up to sync AD users with MultiOTP. I have an AD group VPNUsers that I put users in, and when I run the MultiOTP sync, it creates the user accounts that exist in that group. So far, so good.
However, I'm trying to authenticate the user using the check user function on the web console at on port 58112, and the authentication fails. Once I go to the (Windows) MultiOTP server and run 'multiotp username passwordprefixand6digitcode', I get back 'Filter-ID += "VPNUsers"'. Then, and only then, does the web console work.
Looking at the user.db, other than things like last_login field, I'm just seeing the ldap_hash_cache field go from blank to a long string, and ldap_hash_validity go from 0 to 1504016776.
What is going on that needs the CLI login to happen before the web login works?