Cannot get user/group downloading working from AD - how can I enable more logging?
Sorry for the lack of formatting. I can't work out how to post anything other than a block of text.
I'm playing around with MultiOTP on a Windows server, attempting to set up a 2FA system.
Everything went smoothly up to the point of actually downloading the group/users when the system always indicates no updates:
```
C:\MultiOTP\Windows>multiotp -debug -display-log -ldap-users-sync
LOG 2024-06-06 09:31:54 debug LDAP Debug: *AD/LDAP synchronization started at 09:31:54 / Memory used: 14.5MB / Peak: 27.1MB
LOG 2024-06-06 09:31:54 info LDAP Info: AD/LDAP synchronization started
LOG 2024-06-06 09:31:54 debug System Debug: *LDAP cache folder value: C:\Users\ADMIN-~1\AppData\Local\Temp\.ldap_cache/
LOG 2024-06-06 09:31:54 info LDAP Info: No update for the 0 LDAP synced users, based on 1 LDAP entries (processed in 00:00:00)
19 *INFO: Requested operation successfully done
```
As far as I can tell my LDAP connection is correctly configured. I have a single group with a single test user in the group. I've tried adding a new user to the group to see if that provoked any change, but it always indicates 0 LDAP synced users.
If I connect to LDAP using an LDAP client tool, it works and allows me to see the contents of the group, and I can browse around the AD objects without any problems. So the account I'm using works fine - it's a specially created account.
Is there a way to enable verbose logging which will log the tcp open, each message, etc.?
I've been over the documentation but can't find anything which will enable detailed debug logging.
If I execute
```
multiotp -ldap-check -debug
```
it reports nothing at all, no errors, no warnings.
This discussion has been closed.
Comments
Have you checked: https://github.com/multiOTP/multiotp#how-to-configure-multiotp-to-synchronized-the-users-from-an-active-directory- ?
Best regards