2FA i.e. OTP + LDAP (Win AD) issue

Hi,
I am trying to test PI on Ubuntu 14.04. TOTP and Psssthru works fine
individually. but in policy {“otppin”: “userstore”}, its not working.
following are the logs of the said operation.

username=user98
domainname=zaxis

[2016-04-20
22:28:43,775][7593][140706888959744][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,776][7593][140706888959744][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,845][7593][140706888959744][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,845][7593][140706888959744][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,889][7593][140706888959744][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,890][7593][140706888959744][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,949][7593][140706888959744][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,949][7593][140706888959744][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:44,147][7593][140706888959744][INFO][privacyidea.lib.user:328] User
’’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:28:44,174][7593][140706888959744][ERROR][privacyidea.lib.user:344] The
user User(login=u’’, realm=u’zaxis’, resolver=’’) exists in NO resolver.
[2016-04-20
22:28:44,279][7593][140706888959744][INFO][privacyidea.lib.user:328] User
’’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:28:44,312][7593][140706888959744][ERROR][privacyidea.lib.user:344] The
user User(login=u’’, realm=u’zaxis’, resolver=’’) exists in NO resolver.
[2016-04-20
22:28:44,448][7593][140706888959744][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:44,448][7593][140706888959744][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,158][7593][140707006514944][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,159][7593][140707006514944][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,210][7593][140707006514944][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,211][7593][140707006514944][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,260][7593][140707006514944][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,260][7593][140707006514944][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,299][7593][140707006514944][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,299][7593][140707006514944][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,556][7593][140707006514944][INFO][privacyidea.lib.user:328] User
’’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:48:37,605][7593][140707006514944][ERROR][privacyidea.lib.user:344] The
user User(login=u’’, realm=u’zaxis’, resolver=’’) exists in NO resolver.
[2016-04-20
22:48:37,725][7593][140707006514944][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,726][7593][140707006514944][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’

Pleeeeez help me with this… Thanx
zia

Debug logs are as followed

01’, u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘,
u’UIDTYPE’: u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{
“username”: “sAMAccountName”, “phone” : “telephoneNumber”, “mobile” :
“mobile”, “email” : “mail”, “surname” : “sn”, “givenname” : “givenName” }‘,
u’TIMEOUT’: u’5’, u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’,
u’NOREFERRALS’: u’1’, u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’:
u’ldapresolver’, ‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,008][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,009][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,010][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,010][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,019][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,020][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,021][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,021][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,023][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eac5d50>
[2016-04-20
23:15:32,025][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,042][8697][140242422363904][DEBUG][privacyidea.lib.token:118]
Entering create_tokenclass_object with arguments (<<class
‘privacyidea.models.Token’> {“‘active’”: ‘True’, “‘count_window’”: ‘10L’,
“‘key_enc’”:
“u’08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864’”,
“‘pin_hash’”: “u’'”, “‘so_pin’”: “u’'”, “‘user_id’”:
“u’ac7997d2-5271-4e6e-aba1-39874ad601a3’”, “‘otplen’”: ‘6L’, “‘so_pin_iv’”:
“u’'”, “‘serial’”: “u’TOTP00019183’”, “‘revoked’”: ‘False’, “‘locked’”:
‘False’, “‘maxfail’”: ‘1000L’, “‘count’”: ‘48705449L’, “‘pin_seed’”: “u’'”,
“‘sync_window’”: ‘1000L’, “‘description’”: “u’'”, “‘resolver_type’”:
“u’ldapresolver’”, “‘user_pin_iv’”: “u’'”, “‘user_pin’”: “u’'”,
“‘rollout_state’”: “u’'”, “‘failcount’”: ‘3L’, “‘_sa_instance_state’”:
‘<sqlalchemy.orm.state.InstanceState object at 0x7f8c9eab3610>’, “‘id’”:
‘3L’, “‘resolver’”: “u’zaxis’”, “‘key_iv’”:
“u’f8dc64d884c32d8309f27a0f302ce7f4’”, “‘tokentype’”: “u’totp’”}>,) and
keywords {}
[2016-04-20
23:15:32,045][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_token_module_list with arguments () and keywords {}
[2016-04-20
23:15:32,045][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_token_list with arguments () and keywords {}
[2016-04-20
23:15:32,045][8697][140242422363904][DEBUG][privacyidea.lib.config:492] None
[2016-04-20
23:15:32,046][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_token_list with result set([‘privacyidea.lib.tokens.tiqrtoken’,
‘privacyidea.lib.tokens.smstoken’, ‘privacyidea.lib.tokens.hotptoken’,
‘privacyidea.lib.tokens.remotetoken’, ‘privacyidea.lib.tokens.yubicotoken’,
‘privacyidea.lib.tokens.registrationtoken’,
‘privacyidea.lib.tokens.passwordtoken’, ‘privacyidea.lib.tokens.motptoken’,
‘privacyidea.lib.tokens.emailtoken’, ‘privacyidea.lib.tokens.papertoken’,
‘privacyidea.lib.tokens.daplugtoken’, ‘privacyidea.lib.tokens.spasstoken’,
‘privacyidea.lib.tokens.certificatetoken’,
‘privacyidea.lib.tokens.foureyestoken’,
‘privacyidea.lib.tokens.questionnairetoken’,
‘privacyidea.lib.tokens.yubikeytoken’, ‘privacyidea.lib.tokens.u2ftoken’,
‘privacyidea.lib.tokens.sshkeytoken’, ‘privacyidea.lib.tokens.totptoken’,
‘privacyidea.lib.tokens.radiustoken’])
[2016-04-20
23:15:32,046][8697][140242422363904][DEBUG][privacyidea.lib.config:517]
using the module list: set([‘privacyidea.lib.tokens.tiqrtoken’,
‘privacyidea.lib.tokens.smstoken’, ‘privacyidea.lib.tokens.hotptoken’,
‘privacyidea.lib.tokens.remotetoken’, ‘privacyidea.lib.tokens.yubicotoken’,
‘privacyidea.lib.tokens.registrationtoken’,
‘privacyidea.lib.tokens.passwordtoken’, ‘privacyidea.lib.tokens.motptoken’,
‘privacyidea.lib.tokens.emailtoken’, ‘privacyidea.lib.tokens.papertoken’,
‘privacyidea.lib.tokens.daplugtoken’, ‘privacyidea.lib.tokens.spasstoken’,
‘privacyidea.lib.tokens.certificatetoken’,
‘privacyidea.lib.tokens.foureyestoken’,
‘privacyidea.lib.tokens.questionnairetoken’,
‘privacyidea.lib.tokens.yubikeytoken’, ‘privacyidea.lib.tokens.u2ftoken’,
‘privacyidea.lib.tokens.sshkeytoken’, ‘privacyidea.lib.tokens.totptoken’,
‘privacyidea.lib.tokens.radiustoken’])
[2016-04-20
23:15:32,046][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.tiqrtoken
[2016-04-20
23:15:32,046][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.smstoken
[2016-04-20
23:15:32,046][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.hotptoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.remotetoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.yubicotoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.registrationtoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.passwordtoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.motptoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.emailtoken
[2016-04-20
23:15:32,047][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.papertoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.daplugtoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.spasstoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.certificatetoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.foureyestoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.questionnairetoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.yubikeytoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.u2ftoken
[2016-04-20
23:15:32,048][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.sshkeytoken
[2016-04-20
23:15:32,049][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.totptoken
[2016-04-20
23:15:32,049][8697][140242422363904][DEBUG][privacyidea.lib.config:531]
import module: privacyidea.lib.tokens.radiustoken
[2016-04-20
23:15:32,049][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_token_module_list with result [<module
‘privacyidea.lib.tokens.tiqrtoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/tiqrtoken.pyc’>,
<module ‘privacyidea.lib.tokens.smstoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/smstoken.pyc’>,
<module ‘privacyidea.lib.tokens.hotptoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/hotptoken.pyc’>,
<module ‘privacyidea.lib.tokens.remotetoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/remotetoken.pyc’>,
<module ‘privacyidea.lib.tokens.yubicotoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/yubicotoken.pyc’>,
<module ‘privacyidea.lib.tokens.registrationtoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/registrationtoken.pyc’>,
<module ‘privacyidea.lib.tokens.passwordtoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/passwordtoken.pyc’>,
<module ‘privacyidea.lib.tokens.motptoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/motptoken.pyc’>,
<module ‘privacyidea.lib.tokens.emailtoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/emailtoken.pyc’>,
<module ‘privacyidea.lib.tokens.papertoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/papertoken.pyc’>,
<module ‘privacyidea.lib.tokens.daplugtoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/daplugtoken.pyc’>,
<module ‘privacyidea.lib.tokens.spasstoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/spasstoken.pyc’>,
<module ‘privacyidea.lib.tokens.certificatetoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/certificatetoken.pyc’>,
<module ‘privacyidea.lib.tokens.foureyestoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/foureyestoken.pyc’>,
<module ‘privacyidea.lib.tokens.questionnairetoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/questionnairetoken.pyc’>,
<module ‘privacyidea.lib.tokens.yubikeytoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/yubikeytoken.pyc’>,
<module ‘privacyidea.lib.tokens.u2ftoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/u2ftoken.pyc’>,
<module ‘privacyidea.lib.tokens.sshkeytoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/sshkeytoken.pyc’>,
<module ‘privacyidea.lib.tokens.totptoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/totptoken.pyc’>,
<module ‘privacyidea.lib.tokens.radiustoken’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/tokens/radiustoken.pyc’>]
[2016-04-20
23:15:32,050][8697][140242422363904][DEBUG][privacyidea.lib.tokens.totptoken:118]
Entering init with arguments (<<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {}>, <<class
‘privacyidea.models.Token’> {“‘active’”: ‘True’, “‘count_window’”: ‘10L’,
“‘key_enc’”:
“u’08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864’”,
“‘pin_hash’”: “u’'”, “‘so_pin’”: “u’'”, “‘user_id’”:
“u’ac7997d2-5271-4e6e-aba1-39874ad601a3’”, “‘otplen’”: ‘6L’, “‘so_pin_iv’”:
“u’'”, “‘serial’”: “u’TOTP00019183’”, “‘revoked’”: ‘False’, “‘locked’”:
‘False’, “‘maxfail’”: ‘1000L’, “‘count’”: ‘48705449L’, “‘pin_seed’”: “u’'”,
“‘sync_window’”: ‘1000L’, “‘description’”: “u’'”, “‘resolver_type’”:
“u’ldapresolver’”, “‘user_pin_iv’”: “u’'”, “‘user_pin’”: “u’'”,
“‘rollout_state’”: “u’'”, “‘failcount’”: ‘3L’, “‘_sa_instance_state’”:
‘<sqlalchemy.orm.state.InstanceState object at 0x7f8c9eab3610>’, “‘id’”:
‘3L’, “‘resolver’”: “u’zaxis’”, “‘key_iv’”:
“u’f8dc64d884c32d8309f27a0f302ce7f4’”, “‘tokentype’”: “u’totp’”}>) and
keywords {}
[2016-04-20
23:15:32,050][8697][140242422363904][DEBUG][privacyidea.lib.tokenclass:118]
Entering init with arguments (<<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {}>, <<class
‘privacyidea.models.Token’> {“‘active’”: ‘True’, “‘count_window’”: ‘10L’,
“‘key_enc’”:
“u’08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864’”,
“‘pin_hash’”: “u’'”, “‘so_pin’”: “u’'”, “‘user_id’”:
“u’ac7997d2-5271-4e6e-aba1-39874ad601a3’”, “‘otplen’”: ‘6L’, “‘so_pin_iv’”:
“u’'”, “‘serial’”: “u’TOTP00019183’”, “‘revoked’”: ‘False’, “‘locked’”:
‘False’, “‘maxfail’”: ‘1000L’, “‘count’”: ‘48705449L’, “‘pin_seed’”: “u’'”,
“‘sync_window’”: ‘1000L’, “‘description’”: “u’'”, “‘resolver_type’”:
“u’ldapresolver’”, “‘user_pin_iv’”: “u’'”, “‘user_pin’”: “u’'”,
“‘rollout_state’”: “u’'”, “‘failcount’”: ‘3L’, “‘_sa_instance_state’”:
‘<sqlalchemy.orm.state.InstanceState object at 0x7f8c9eab3610>’, “‘id’”:
‘3L’, “‘resolver’”: “u’zaxis’”, “‘key_iv’”:
“u’f8dc64d884c32d8309f27a0f302ce7f4’”, “‘tokentype’”: “u’totp’”}>) and
keywords {}
[2016-04-20
23:15:32,050][8697][140242422363904][DEBUG][privacyidea.lib.tokenclass:129]
Exiting init with result None
[2016-04-20
23:15:32,050][8697][140242422363904][DEBUG][privacyidea.lib.tokens.totptoken:129]
Exiting init with result None
[2016-04-20
23:15:32,055][8697][140242422363904][DEBUG][privacyidea.lib.token:129]
Exiting create_tokenclass_object with result <<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {“‘token’”: ‘<<class
'privacyidea.models.Token'> {“'active'”: 'True', “'count_window'”:
'10L', “'key_enc'”:
“u'08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864'”,
“'pin_hash'”: “u''”, “'so_pin'”: “u''”, “'user_id'”:
“u'ac7997d2-5271-4e6e-aba1-39874ad601a3'”, “'otplen'”: '6L',
“'so_pin_iv'”: “u''”, “'serial'”: “u'TOTP00019183'”, “'revoked'”:
'False', “'locked'”: 'False', “'maxfail'”: '1000L', “'count'”:
'48705449L', “'pin_seed'”: “u''”, “'sync_window'”: '1000L',
“'description'”: “u''”, “'resolver_type'”: “u'ldapresolver'”,
“'user_pin_iv'”: “u''”, “'user_pin'”: “u''”, “'rollout_state'”:
“u''”, “'failcount'”: '3L', “'_sa_instance_state'”:
'<sqlalchemy.orm.state.InstanceState object at 0x7f8c9eab3610>',
“'id'”: '3L', “'resolver'”: “u'zaxis'”, “'key_iv'”:
“u'f8dc64d884c32d8309f27a0f302ce7f4'”, “'tokentype'”: “u'totp'”}>’,
“‘init_details’”: ‘{}’, “‘type’”: “u’totp’”, “‘hKeyRequired’”: ‘True’,
“‘auth_details’”: ‘{}’}>
[2016-04-20
23:15:32,055][8697][140242422363904][DEBUG][privacyidea.lib.token:129]
Exiting get_tokens with result [<<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {“‘token’”: ‘<<class
'privacyidea.models.Token'> {“'active'”: 'True', “'count_window'”:
'10L', “'key_enc'”:
“u'08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864'”,
“'pin_hash'”: “u''”, “'so_pin'”: “u''”, “'user_id'”:
“u'ac7997d2-5271-4e6e-aba1-39874ad601a3'”, “'otplen'”: '6L',
“'so_pin_iv'”: “u''”, “'serial'”: “u'TOTP00019183'”, “'revoked'”:
'False', “'locked'”: 'False', “'maxfail'”: '1000L', “'count'”:
'48705449L', “'pin_seed'”: “u''”, “'sync_window'”: '1000L',
“'description'”: “u''”, “'resolver_type'”: “u'ldapresolver'”,
“'user_pin_iv'”: “u''”, “'user_pin'”: “u''”, “'rollout_state'”:
“u''”, “'failcount'”: '3L', “'_sa_instance_state'”:
'<sqlalchemy.orm.state.InstanceState object at 0x7f8c9eab3610>',
“'id'”: '3L', “'resolver'”: “u'zaxis'”, “'key_iv'”:
“u'f8dc64d884c32d8309f27a0f302ce7f4'”, “'tokentype'”: “u'totp'”}>’,
“‘init_details’”: ‘{}’, “‘type’”: “u’totp’”, “‘hKeyRequired’”: ‘True’,
“‘auth_details’”: ‘{}’}>]
[2016-04-20
23:15:32,055][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_username with arguments
(u’ac7997d2-5271-4e6e-aba1-39874ad601a3’, u’zaxis’) and keywords {}
[2016-04-20
23:15:32,055][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,055][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,064][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,070][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,071][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,071][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,071][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,072][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,073][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,073][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,073][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,073][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,074][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,074][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,080][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,087][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,088][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,088][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,090][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eac5050>
[2016-04-20
23:15:32,091][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,099][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_username with result
[2016-04-20
23:15:32,102][8697][140242422363904][DEBUG][privacyidea.lib.token:118]
Entering check_token_list with arguments ([<<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {“‘token’”: ‘<<class
'privacyidea.models.Token'> {“'active'”: 'True', “'count_window'”:
'10L', “'key_enc'”:
“u'08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864'”,
“'pin_hash'”: “u''”, “'so_pin'”: “u''”, “'user_id'”:
“u'ac7997d2-5271-4e6e-aba1-39874ad601a3'”, “'otplen'”: '6L',
“'so_pin_iv'”: “u''”, “'serial'”: “u'TOTP00019183'”, “'revoked'”:
'False', “'locked'”: 'False', “'maxfail'”: '1000L',
“'realm_list'”: '[<privacyidea.models.TokenRealm object at
0x7f8c9eacd890>]', “'count'”: '48705449L', “'pin_seed'”: “u''”,
“'sync_window'”: '1000L', “'description'”: “u''”,
“'resolver_type'”: “u'ldapresolver'”, “'user_pin_iv'”: “u''”,
“'user_pin'”: “u''”, “'rollout_state'”: “u''”, “'failcount'”:
'3L', “'_sa_instance_state'”: '<sqlalchemy.orm.state.InstanceState
object at 0x7f8c9eab3610>', “'id'”: '3L', “'resolver'”:
“u'zaxis'”, “'key_iv'”: “u'f8dc64d884c32d8309f27a0f302ce7f4'”,
“'tokentype'”: “u'totp'”}>’, “‘init_details’”: ‘{}’, “‘type’”:
“u’totp’”, “‘hKeyRequired’”: ‘True’, “‘auth_details’”: ‘{}’}>],
u’511357P@kistan123628408’) and keywords {‘user’: None, ‘options’:
{‘clientip’: ‘127.0.0.1’, ‘client’: u’127.0.0.1’, ‘user’: u’user98@zaxis’,
‘g’: <flask.g of ‘privacyidea.app’>, ‘pass’: u’511357P@kistan123628408’}}
[2016-04-20
23:15:32,103][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_username with arguments
(u’ac7997d2-5271-4e6e-aba1-39874ad601a3’, u’zaxis’) and keywords {}
[2016-04-20
23:15:32,103][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,103][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,114][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,114][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,115][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,115][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,115][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,115][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,116][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,117][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,117][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,117][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,117][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,117][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,122][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,123][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,123][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,124][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,125][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eaa52d0>
[2016-04-20
23:15:32,128][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,142][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_username with result
[2016-04-20
23:15:32,143][8697][140242422363904][DEBUG][privacyidea.lib.token:1862]
Found user with loginId None: u’TOTP00019183’
[2016-04-20
23:15:32,143][8697][140242422363904][DEBUG][privacyidea.lib.tokens.hotptoken:118]
Entering is_challenge_request with arguments (<<class
‘privacyidea.lib.tokens.totptoken.TotpTokenClass’> {“‘token’”: ‘<<class
'privacyidea.models.Token'> {“'active'”: 'True', “'count_window'”:
'10L', “'key_enc'”:
“u'08ee66d0b10a87d34bbfc7e364bac25ce7f5b15dad85b0a6e4bd4c62569ba6bc5630c5f5a9498a6323a6fb9d25f97463268f74925d3771d150bf49855ad11e45bc7258287d605bb9f98135c467e97ee5a6e5f47120f9b01cc7db3c9117579864'”,
“'pin_hash'”: “u''”, “'so_pin'”: “u''”, “'user_id'”:
“u'ac7997d2-5271-4e6e-aba1-39874ad601a3'”, “'otplen'”: '6L',
“'so_pin_iv'”: “u''”, “'serial'”: “u'TOTP00019183'”, “'revoked'”:
'False', “'locked'”: 'False', “'maxfail'”: '1000L',
“'realm_list'”: '[<privacyidea.models.TokenRealm object at
0x7f8c9eacd890>]', “'count'”: '48705449L', “'pin_seed'”: “u''”,
“'sync_window'”: '1000L', “'description'”: “u''”,
“'resolver_type'”: “u'ldapresolver'”, “'user_pin_iv'”: “u''”,
“'user_pin'”: “u''”, “'rollout_state'”: “u''”, “'failcount'”:
'3L', “'_sa_instance_state'”: '<sqlalchemy.orm.state.InstanceState
object at 0x7f8c9eab3610>', “'id'”: '3L', “'resolver'”:
“u'zaxis'”, “'key_iv'”: “u'f8dc64d884c32d8309f27a0f302ce7f4'”,
“'tokentype'”: “u'totp'”}>’, “‘init_details’”: ‘{}’, “‘type’”:
“u’totp’”, “‘hKeyRequired’”: ‘True’, “‘auth_details’”: ‘{}’}>,
u’511357P@kistan123628408’) and keywords {‘user’: None, ‘options’:
{‘clientip’: ‘127.0.0.1’, ‘client’: u’127.0.0.1’, ‘user’: None, ‘g’:
<flask.g of ‘privacyidea.app’>, ‘pass’: u’511357P@kistan123628408’}}
[2016-04-20
23:15:32,144][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering User with arguments () and keywords {}
[2016-04-20
23:15:32,144][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_realm_resolvers with arguments (User(login=‘’, realm=‘’,
resolver=‘’),) and keywords {}
[2016-04-20
23:15:32,144][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering get_realms with arguments (‘’,) and keywords {}
[2016-04-20
23:15:32,158][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting get_realms with result {u’zaxis’: {‘default’: True, ‘resolver’:
[{‘priority’: 999L, ‘type’: u’ldapresolver’, ‘name’: u’zaxis’}]}}
[2016-04-20
23:15:32,158][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_realm_resolvers with result {}
[2016-04-20
23:15:32,159][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting User with result
[2016-04-20
23:15:32,165][8697][140242422363904][DEBUG][privacyidea.lib.policydecorators:118]
Found these allowed tokentypes: []
[2016-04-20
23:15:32,165][8697][140242422363904][DEBUG][privacyidea.lib.tokens.hotptoken:129]
Exiting is_challenge_request with result False
[2016-04-20
23:15:32,165][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_from_config with arguments () and keywords {‘key’:
‘PrependPin’}
[2016-04-20
23:15:32,167][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_from_config with result 1
[2016-04-20
23:15:32,167][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_username with arguments
(u’ac7997d2-5271-4e6e-aba1-39874ad601a3’, u’zaxis’) and keywords {}
[2016-04-20
23:15:32,167][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,167][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,174][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,182][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,185][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,185][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,185][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,185][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,185][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,190][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,191][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,192][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,192][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,192][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,197][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,197][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,198][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,198][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,199][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9ead1910>
[2016-04-20
23:15:32,201][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,215][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_username with result
[2016-04-20
23:15:32,215][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering User with arguments (‘’,) and keywords {‘realm’: u’zaxis’}
[2016-04-20
23:15:32,216][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_realm_resolvers with arguments (User(login=‘’, realm=u’zaxis’,
resolver=‘’),) and keywords {}
[2016-04-20
23:15:32,216][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering get_realms with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,219][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting get_realms with result {u’zaxis’: {‘default’: True, ‘resolver’:
[{‘priority’: 999L, ‘type’: u’ldapresolver’, ‘name’: u’zaxis’}]}}
[2016-04-20
23:15:32,219][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_realm_resolvers with result {u’zaxis’: {‘priority’: 999L,
‘type’: u’ldapresolver’}}
[2016-04-20
23:15:32,219][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,219][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,228][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,229][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,229][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,230][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,230][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,230][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,231][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,231][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,232][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,232][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,233][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,234][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,234][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,235][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,235][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,235][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,236][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,244][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,245][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,246][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,246][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,248][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eab38d0>
[2016-04-20
23:15:32,252][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,276][8697][140242422363904][DEBUG][privacyidea.lib.user:200] user
‘’ not found in resolver u’zaxis’
[2016-04-20
23:15:32,276][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting User with result <@zaxis>
[2016-04-20
23:15:32,277][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering check_password with arguments (User(login=‘’, realm=u’zaxis’,
resolver=‘’), u’511357P@kistan123’) and keywords {}
[2016-04-20
23:15:32,277][8697][140242422363904][INFO][privacyidea.lib.user:328] User
‘’ from realm u’zaxis’ tries to authenticate
[2016-04-20
23:15:32,277][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_realm_resolvers with arguments (User(login=u’‘,
realm=u’zaxis’, resolver=‘’),) and keywords {}
[2016-04-20
23:15:32,277][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering get_realms with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,280][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting get_realms with result {u’zaxis’: {‘default’: True, ‘resolver’:
[{‘priority’: 999L, ‘type’: u’ldapresolver’, ‘name’: u’zaxis’}]}}
[2016-04-20
23:15:32,280][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_realm_resolvers with result {u’zaxis’: {‘priority’: 999L,
‘type’: u’ldapresolver’}}
[2016-04-20
23:15:32,280][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,280][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,286][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,286][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,286][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,287][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,288][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,288][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,288][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,288][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,288][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,295][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,295][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,295][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,296][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,297][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eaa5ad0>
[2016-04-20
23:15:32,300][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,312][8697][140242422363904][DEBUG][privacyidea.lib.user:200] user
u’’ not found in resolver u’zaxis’
[2016-04-20
23:15:32,312][8697][140242422363904][ERROR][privacyidea.lib.user:344] The
user User(login=u’‘, realm=u’zaxis’, resolver=‘’) exists in NO resolver.
[2016-04-20
23:15:32,312][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting check_password with result None
[2016-04-20
23:15:32,313][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_from_config with arguments () and keywords {‘key’:
‘IncFailCountOnFalsePin’}
[2016-04-20
23:15:32,315][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_from_config with result 1
[2016-04-20
23:15:32,354][8697][140242422363904][DEBUG][privacyidea.lib.token:129]
Exiting check_token_list with result (False, {‘message’: ‘wrong otp pin’})
[2016-04-20
23:15:32,355][8697][140242422363904][DEBUG][privacyidea.lib.token:129]
Exiting check_user_pass with result (False, {‘message’: ‘wrong otp pin’})
[2016-04-20
23:15:32,355][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_from_config with arguments (‘splitAtSign’,) and keywords {}
[2016-04-20
23:15:32,357][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_from_config with result 1
[2016-04-20
23:15:32,357][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering split_user with arguments (u’user98@zaxis’,) and keywords {}
[2016-04-20
23:15:32,357][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering realm_is_defined with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,358][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering get_realms with arguments () and keywords {}
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting get_realms with result {u’zaxis’: {‘default’: True, ‘resolver’:
[{‘priority’: 999L, ‘type’: u’ldapresolver’, ‘name’: u’zaxis’}]}}
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting realm_is_defined with result True
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting split_user with result (u’user98’, u’zaxis’)
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering User with arguments () and keywords {‘login’: u’user98’, ‘realm’:
u’zaxis’}
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.user:118]
Entering get_realm_resolvers with arguments (User(login=u’user98’,
realm=u’zaxis’, resolver=‘’),) and keywords {}
[2016-04-20
23:15:32,362][8697][140242422363904][DEBUG][privacyidea.lib.realm:118]
Entering get_realms with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,370][8697][140242422363904][DEBUG][privacyidea.lib.realm:129]
Exiting get_realms with result {u’zaxis’: {‘default’: True, ‘resolver’:
[{‘priority’: 999L, ‘type’: u’ldapresolver’, ‘name’: u’zaxis’}]}}
[2016-04-20
23:15:32,370][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting get_realm_resolvers with result {u’zaxis’: {‘priority’: 999L,
‘type’: u’ldapresolver’}}
[2016-04-20
23:15:32,370][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_object with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,370][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,376][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,377][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,377][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,377][8697][140242422363904][DEBUG][privacyidea.lib.config:118]
Entering get_resolver_list with arguments () and keywords {}
[2016-04-20
23:15:32,377][8697][140242422363904][DEBUG][privacyidea.lib.config:421] None
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:129]
Exiting get_resolver_list with result
set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:553]
using the module list: set([‘privacyidea.lib.resolvers.PasswdIdResolver’,
‘privacyidea.lib.resolvers.SCIMIdResolver’,
‘privacyidea.lib.resolvers.SQLIdResolver’,
‘privacyidea.lib.resolvers.LDAPIdResolver’])
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.PasswdIdResolver
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SCIMIdResolver
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.SQLIdResolver
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:561]
import module: privacyidea.lib.resolvers.LDAPIdResolver
[2016-04-20
23:15:32,378][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.PasswdIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc’>
[2016-04-20
23:15:32,379][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SCIMIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc’>
[2016-04-20
23:15:32,379][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.SQLIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc’>
[2016-04-20
23:15:32,379][8697][140242422363904][DEBUG][privacyidea.lib.config:374]
module: <module ‘privacyidea.lib.resolvers.LDAPIdResolver’ from
‘/usr/lib/python2.7/dist-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc’>
[2016-04-20
23:15:32,379][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_config with arguments (u’zaxis’,) and keywords {}
[2016-04-20
23:15:32,380][8697][140242422363904][DEBUG][privacyidea.lib.resolver:118]
Entering get_resolver_list with arguments () and keywords
{‘filter_resolver_name’: u’zaxis’}
[2016-04-20
23:15:32,388][8697][140242422363904][DEBUG][privacyidea.lib.crypto:118]
Entering decryptPassword with arguments
(u’36fd2ba4d66c46ec3cf27f6d4a6150f9:f6bb0a6c5790e63e252bf7077b4df7cce85b70f14b1d814b3b22a3aaf5fad07e’,)
and keywords {}
[2016-04-20
23:15:32,389][8697][140242422363904][DEBUG][privacyidea.lib.crypto:131]
Exiting decryptPassword with result HIDDEN
[2016-04-20
23:15:32,390][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_list with result {u’zaxis’: {‘data’: {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=
)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}, ‘type’: u’ldapresolver’,
‘resolvername’: u’zaxis’}}
[2016-04-20
23:15:32,391][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_config with result {u’BINDDN’:
u’zaxis\administrator’, u’AUTHTYPE’: u’Simple’, u’LDAPFILTER’:
u’(&(sAMAccountName=%s)(objectClass=person))‘, u’LDAPBASE’:
u’cn=users,dc=zaxis,dc=local’, u’LDAPURI’: u’ldap://192.168.56.101’,
u’LDAPSEARCHFILTER’: u’(sAMAccountName=*)(objectClass=person)‘, u’UIDTYPE’:
u’objectGUID’, u’BINDPW’: ‘P@kistan1’, u’USERINFO’: u’{ “username”:
“sAMAccountName”, “phone” : “telephoneNumber”, “mobile” : “mobile”, “email”
: “mail”, “surname” : “sn”, “givenname” : “givenName” }‘, u’TIMEOUT’: u’5’,
u’SIZELIMIT’: u’500’, u’SCOPE’: u’SUBTREE’, u’NOREFERRALS’: u’1’,
u’LOGINNAMEATTRIBUTE’: u’sAMAccountName’}
[2016-04-20
23:15:32,393][8697][140242422363904][DEBUG][privacyidea.lib.resolver:129]
Exiting get_resolver_object with result
<privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at
0x7f8c9eaa6050>
[2016-04-20
23:15:32,396][8697][140242422363904][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:535]
Added 192.168.56.101, None, False to server pool.
[2016-04-20
23:15:32,408][8697][140242422363904][INFO][privacyidea.lib.user:188] user
u’user98’ found in resolver u’zaxis’
[2016-04-20
23:15:32,409][8697][140242422363904][INFO][privacyidea.lib.user:189] userid
resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
23:15:32,409][8697][140242422363904][DEBUG][privacyidea.lib.user:192]
priority of the resolver is 999
[2016-04-20
23:15:32,409][8697][140242422363904][DEBUG][privacyidea.lib.user:193] The
highest priority is 1000
[2016-04-20
23:15:32,409][8697][140242422363904][DEBUG][privacyidea.lib.user:129]
Exiting User with result user98.zaxis@zaxis
[2016-04-20
23:15:32,471][8697][140242422363904][DEBUG][privacyidea.api.lib.utils:235]
Can not get param: No JSON object could be decoded

Hi.

authentication { “passthru”: “userstore”, “otppin”: “userstore” } [ “zaxis”
] [ “zaxis” ]

i have tried a previous version of PI and there it was working as expected
that WinPassword+TOTP was authenticated by PI.

This is not happening in current release
regards,
zia

Hi,

how does you policy look like?
What behaviour do you expect and what do you see?

Kind regards
CorneliusAm Mittwoch, den 20.04.2016, 10:52 -0700 schrieb Zia-ul-Hassan Siddique:

Hi,
I am trying to test PI on Ubuntu 14.04. TOTP and Psssthru works fine
individually. but in policy {“otppin”: “userstore”}, its not working.
following are the logs of the said operation.

username=user98
domainname=zaxis

[2016-04-20
22:28:43,775][7593][140706888959744][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,776][7593][140706888959744][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,845][7593][140706888959744][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,845][7593][140706888959744][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,889][7593][140706888959744][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,890][7593][140706888959744][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:43,949][7593][140706888959744][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:43,949][7593][140706888959744][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:28:44,147][7593][140706888959744][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:28:44,174][7593][140706888959744][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zaxis’, resolver=‘’) exists in NO
resolver.
[2016-04-20
22:28:44,279][7593][140706888959744][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:28:44,312][7593][140706888959744][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zaxis’, resolver=‘’) exists in NO
resolver.
[2016-04-20
22:28:44,448][7593][140706888959744][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:28:44,448][7593][140706888959744][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,158][7593][140707006514944][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,159][7593][140707006514944][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,210][7593][140707006514944][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,211][7593][140707006514944][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,260][7593][140707006514944][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,260][7593][140707006514944][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,299][7593][140707006514944][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,299][7593][140707006514944][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’
[2016-04-20
22:48:37,556][7593][140707006514944][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zaxis’ tries to authenticate
[2016-04-20
22:48:37,605][7593][140707006514944][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zaxis’, resolver=‘’) exists in NO
resolver.
[2016-04-20
22:48:37,725][7593][140707006514944][INFO][privacyidea.lib.user:188]
user u’user98’ found in resolver u’zaxis’
[2016-04-20
22:48:37,726][7593][140707006514944][INFO][privacyidea.lib.user:189]
userid resolved to ‘ac7997d2-5271-4e6e-aba1-39874ad601a3’

Pleeeeez help me with this… Thanx
zia


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/1c3a92e0-e772-4e3e-b76a-971d73703096%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

error on radtest is
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=221,
length=35
Reply-Message = “wrong otp pin”

Total approved auths: 0
Total denied auths: 1
Total lost auths: 0On Thursday, April 21, 2016 at 4:14:50 AM UTC+5, Zia-ul-Hassan Siddique wrote:

Hi.

authentication { “passthru”: “userstore”, “otppin”: “userstore” } [
“zaxis” ] [ “zaxis” ]

i have tried a previous version of PI and there it was working as expected
that WinPassword+TOTP was authenticated by PI.

This is not happening in current release
regards,
zia

Hi Zia,

there are some things you can please do to narrow down your issue:

  1. please check the prepend PIN in the system settings. You could auth
    with either or .

  2. Check if authentication with OTP PIN works. (Remove otppin:userstore)

  3. There is no need to specify the resolver or the realm unless you
    have a complicated setup.

3a. Please remove the resolver from the policy

3b. Please remove the realm from the policy.

Kind regards
CorneliusAm Mittwoch, den 20.04.2016, 16:14 -0700 schrieb Zia-ul-Hassan Siddique:

    Hi.

authentication { “passthru”: “userstore”, “otppin”: “userstore” }
[ “zaxis” ] [ “zaxis” ]

i have tried a previous version of PI and there it was working as
expected that WinPassword+TOTP was authenticated by PI.

This is not happening in current release
regards,
zia

Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi Ziu,

I can not confirm that LDAP+OTP is not working.

So the question is, what is special at your setup.

I am confused by this error:

11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.

Did you also check via the API in the browser?
…or only via your application.

I you are representing a company you could order half an hour or an hour
remote session.

Kind regards
CorneliusAm Sonntag, den 24.04.2016, 23:43 -0700 schrieb Zia-ul-Hassan Siddique:

Hi,
I have done the guided steps.
PIN+OTP is its default.
LDAP+OTP is not working.
Pasthru works fine and LDAP Authentication is perfect.
i have tried posste append and pre-append, both work with PIN but not
with LDAP when com bined with OTP.

following are the logs

[2016-04-25
11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.
[2016-04-25
11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.
[2016-04-25
11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’

I have used Ubuntu packages to install and configure as directed in
“Documents”.

Please help me in this regard,
Zia

On Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius Kölbel wrote:
Hi Zia,

    there are some things you can please do to narrow down your
    issue: 
    
    1. please check the prepend PIN in the system settings. You
    could auth 
       with either <WinPW><OTP> or <OTP><WinPW>. 
    
    2. Check if authentication with OTP PIN works. (Remove
    otppin:userstore) 
    
    3. There is no need to specify the resolver or the realm
    unless you 
       have a complicated setup. 
    
    3a. Please remove the resolver from the policy 
    
    3b. Please remove the realm from the policy. 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb Zia-ul-Hassan
    Siddique: 
    >         Hi. 
    > authentication { "passthru": "userstore", "otppin":
    "userstore" } 
    > [ "zaxis" ] [] [ "zaxis" ] [] 
    > 
    > 
    > i have tried a previous version of PI and there it was
    working as 
    > expected that WinPassword+TOTP was authenticated by PI. 
    > 
    > 
    > This is not happening in  current release 
    > regards, 
    > zia 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/d01b2cdc-6451-4640-b996-3a7e23c9594b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

Hi,
I have done the guided steps.
PIN+OTP is its default.
LDAP+OTP is not working.
Pasthru works fine and LDAP Authentication is perfect.
i have tried posste append and pre-append, both work with PIN but not with
LDAP when com bined with OTP.

following are the logs

[2016-04-25
11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328] User
‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344] The
user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO resolver.
[2016-04-25
11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328] User
‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344] The
user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO resolver.
[2016-04-25
11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188] user
u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189] userid
resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’

I have used Ubuntu packages to install and configure as directed in
“Documents”.

Please help me in this regard,
ZiaOn Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius Kölbel wrote:

Hi Zia,

there are some things you can please do to narrow down your issue:

  1. please check the prepend PIN in the system settings. You could auth
    with either or .

  2. Check if authentication with OTP PIN works. (Remove otppin:userstore)

  3. There is no need to specify the resolver or the realm unless you
    have a complicated setup.

3a. Please remove the resolver from the policy

3b. Please remove the realm from the policy.

Kind regards
Cornelius

Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb Zia-ul-Hassan Siddique:

    Hi. 

authentication { “passthru”: “userstore”, “otppin”: “userstore” }
[ “zaxis” ] [ “zaxis” ]

i have tried a previous version of PI and there it was working as
expected that WinPassword+TOTP was authenticated by PI.

This is not happening in current release
regards,
zia

Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Zia,

unforutnately you did not answer my question.
It is hard to help you, if I only get 50% of information I requested.
This is why the best way is, to take a look at it.

Your problem is uncommon and not reproducable. You are having an error
in the log, which usually would not occur! So we need to take the look.
(Or you need to dig into it yourself. My crystal ball is broken)
I very much assume, that you configured something wrong.
Honestly, what are you expecting with the information you are providing?

Get a workshop. In a remote session in a non-sensitive environment. Then
we might realize, what was misconfigured.

Kind regards
CorneliusAm Dienstag, den 26.04.2016, 06:44 -0700 schrieb Zia-ul-Hassan Siddique:

I am doing a PoC install which may lead different sensitive institutes
to deploy and hence get SLA at larg scale if PoC is proven to them.
Purchasing remote access support is currently out of scope due to
access level restrictions of the environment till higher Ops are
willing to deploy it in production.

I have tried the same with web based “Tocken Check” option in PI Web
page… Results was “wrong OTP Pin”.
Is it possible to deploy older versions of PI for R&D for comparative
analysis?

Best Regards,
Zia

On Monday, April 25, 2016 at 1:30:03 PM UTC+5, Cornelius Kölbel wrote:
Hi Ziu,

    I can not confirm that LDAP+OTP is not working. 
    
    So the question is, what is special at your setup. 
    
    I am confused by this error: 
    
    11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344] 
    The user User(login=u'', realm=u'zpi', resolver='') exists in
    NO 
    resolver. 
    
    Did you also check via the API in the browser? 
    ...or only via your application. 
    
    I you are representing a company you could order half an hour
    or an hour 
    remote session. 
    
    Kind regards 
    Cornelius 
    
    
    Am Sonntag, den 24.04.2016, 23:43 -0700 schrieb Zia-ul-Hassan
    Siddique: 
    > Hi, 
    >  I have done the guided steps. 
    > PIN+OTP is its default. 
    > LDAP+OTP is not working. 
    > Pasthru works fine and LDAP Authentication is perfect. 
    > i have tried posste append and pre-append, both work with
    PIN but not 
    > with LDAP when com bined with OTP. 
    > 
    > 
    > following are the logs 
    > 
    > 
    > [2016-04-25 
    >
    11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328] 
    > User '' from realm u'zpi' tries to authenticate 
    > [2016-04-25 
    >
    11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344] 
    > The user User(login=u'', realm=u'zpi', resolver='') exists
    in NO 
    > resolver. 
    > [2016-04-25 
    >
    11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    >
    11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328] 
    > User '' from realm u'zpi' tries to authenticate 
    > [2016-04-25 
    >
    11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344] 
    > The user User(login=u'', realm=u'zpi', resolver='') exists
    in NO 
    > resolver. 
    > [2016-04-25 
    >
    11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    >
    11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > 
    > 
    > I have used Ubuntu packages to install and configure as
    directed in 
    > "Documents". 
    > 
    > 
    > 
    > 
    > Please help me in this regard, 
    > Zia 
    > 
    > 
    > 
    > 
    > On Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius Kölbel  wrote: 
    >         Hi Zia, 
    >         
    >         there are some things you can please do to narrow
    down your 
    >         issue: 
    >         
    >         1. please check the prepend PIN in the system
    settings. You 
    >         could auth 
    >            with either <WinPW><OTP> or <OTP><WinPW>. 
    >         
    >         2. Check if authentication with OTP PIN works.
    (Remove 
    >         otppin:userstore) 
    >         
    >         3. There is no need to specify the resolver or the
    realm 
    >         unless you 
    >            have a complicated setup. 
    >         
    >         3a. Please remove the resolver from the policy 
    >         
    >         3b. Please remove the realm from the policy. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb
    Zia-ul-Hassan 
    >         Siddique: 
    >         >         Hi. 
    >         > authentication { "passthru": "userstore",
    "otppin": 
    >         "userstore" } 
    >         > [ "zaxis" ] [] [ "zaxis" ] [] 
    >         > 
    >         > 
    >         > i have tried a previous version of PI and there it
    was 
    >         working as 
    >         > expected that WinPassword+TOTP was authenticated
    by PI. 
    >         > 
    >         > 
    >         > This is not happening in  current release 
    >         > regards, 
    >         > zia 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/d01b2cdc-6451-4640-b996-3a7e23c9594b%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/64a4c599-6cf2-4080-9df1-3316f8464329%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

I am doing a PoC install which may lead different sensitive institutes to
deploy and hence get SLA at larg scale if PoC is proven to them.
Purchasing remote access support is currently out of scope due to access
level restrictions of the environment till higher Ops are willing to deploy
it in production.

I have tried the same with web based “Tocken Check” option in PI Web
page… Results was “wrong OTP Pin”.
Is it possible to deploy older versions of PI for R&D for comparative
analysis?

Best Regards,
ZiaOn Monday, April 25, 2016 at 1:30:03 PM UTC+5, Cornelius Kölbel wrote:

Hi Ziu,

I can not confirm that LDAP+OTP is not working.

So the question is, what is special at your setup.

I am confused by this error:

11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.

Did you also check via the API in the browser?
…or only via your application.

I you are representing a company you could order half an hour or an hour
remote session.

Kind regards
Cornelius

Am Sonntag, den 24.04.2016, 23:43 -0700 schrieb Zia-ul-Hassan Siddique:

Hi,
I have done the guided steps.
PIN+OTP is its default.
LDAP+OTP is not working.
Pasthru works fine and LDAP Authentication is perfect.
i have tried posste append and pre-append, both work with PIN but not
with LDAP when com bined with OTP.

following are the logs

[2016-04-25
11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.
[2016-04-25
11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’
[2016-04-25
11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328]
User ‘’ from realm u’zpi’ tries to authenticate
[2016-04-25
11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344]
The user User(login=u’‘, realm=u’zpi’, resolver=‘’) exists in NO
resolver.
[2016-04-25
11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188]
user u’user3’ found in resolver u’zaxis’
[2016-04-25
11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189]
userid resolved to ‘3210bcb9-f581-4463-ae42-336a7c7392b6’

I have used Ubuntu packages to install and configure as directed in
“Documents”.

Please help me in this regard,
Zia

On Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius Kölbel wrote:
Hi Zia,

    there are some things you can please do to narrow down your 
    issue: 
    
    1. please check the prepend PIN in the system settings. You 
    could auth 
       with either <WinPW><OTP> or <OTP><WinPW>. 
    
    2. Check if authentication with OTP PIN works. (Remove 
    otppin:userstore) 
    
    3. There is no need to specify the resolver or the realm 
    unless you 
       have a complicated setup. 
    
    3a. Please remove the resolver from the policy 
    
    3b. Please remove the realm from the policy. 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb Zia-ul-Hassan 
    Siddique: 
    >         Hi. 
    > authentication { "passthru": "userstore", "otppin": 
    "userstore" } 
    > [ "zaxis" ] [] [ "zaxis" ] [] 
    > 
    > 
    > i have tried a previous version of PI and there it was 
    working as 
    > expected that WinPassword+TOTP was authenticated by PI. 
    > 
    > 
    > This is not happening in  current release 
    > regards, 
    > zia 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/d01b2cdc-6451-4640-b996-3a7e23c9594b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Dear Cornelius,

I admire your patience and content support. I have tried pi-manage validate
option which works fine with following console output.
Using PI_LOGFILE /var/log/privacyidea/privacyidea.log.

         _                    _______  _______

___ () _____ _______ __/ / _ / __/ _ |
/ _ / __/ / |/ / _ `/ / // // // // / _// __ |
/ .
/
/ /
/|
/_,/_/_, ///// ||
/
/ /___/

/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py:459:
SAWarning: Unicode type received non-unicode bind param value
param.append(processorskey)
RESULT=True
DETAILS={‘serial’: u’TOTP0000B35A’, ‘type’: u’totp’, ‘message’: ‘matching 1
tokens’}
root@authz:~#

but this is not in case if i try same login via radius. However radius
works fine with pasthru or tpin+otp but causes trouble only with ADPASS+OTP--------------------------
i have tried ubuntu lts 14.04 and PI with apache2…

Should i try some other OS or Install method?

Kind Regards,
Zia

[2016-05-02
17:31:00,898][1956][139634842126144][DEBUG][privacyidea.models:118]
Entering get_otpkey with arguments (<<class ‘privacyidea.models.Token’>
{“‘active’”: ‘True’, “‘count_window’”: ‘20L’, “‘key_enc’”:
“u’0c9b6517a5838f66ec3480148371b8e2a1ba454132d49d95f9afaf7f8eb85ca4068e952659e788ace4f339b4b494c130e5f212a60ed8fad4b7784013b498c049c465333e5bc12cef8aedc614b2f530ba347bd13322c8d934489e9a9e098b5a25’”,
“‘pin_hash’”:
“u’45c72af9c5fde577372ab4dd9dfaadd7e12f0bdf8e131268d3ce5440a77c7929’”,
“‘so_pin’”: “u’'”, “‘user_id’”: “u’4660a08f-af03-453c-9f2e-f93ddf7cb8a3’”,
“‘otplen’”: ‘6L’, “‘so_pin_iv’”: “u’'”, “‘serial’”: “u’TOTP0000B35A’”,
“‘revoked’”: ‘False’, “‘locked’”: ‘False’, “‘maxfail’”: ‘1000L’,
“‘realm_list’”: ‘[<privacyidea.models.TokenRealm object at
0x7eff34982e50>]’, “‘count’”: ‘48737514L’, “‘pin_seed’”:
“u’a4c108baf9695ce91bed8e9b0780285b’”, “‘sync_window’”: ‘1000L’,
“‘description’”: “u’'”, “‘resolver_type’”: “u’ldapresolver’”,
“‘user_pin_iv’”: “u’'”, “‘user_pin’”: “u’'”, “‘rollout_state’”: “u’'”,
“‘failcount’”: ‘6L’, “‘_sa_instance_state’”:
‘<sqlalchemy.orm.state.InstanceState object at 0x7eff34a53850>’, “‘id’”:
‘4L’, “‘resolver’”: “u’localhost’”, “‘key_iv’”:
“u’78b0b4e1331878cdfe5094366a856d38’”, “‘tokentype’”: “u’totp’”}>,) and
keywords {}
[2016-05-02
17:31:00,899][1956][139634842126144][DEBUG][privacyidea.models:129] Exiting
get_otpkey with result <privacyidea.lib.crypto.SecretObj object at
0x7eff34941350>
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:118]
Entering checkOtp with arguments (<privacyidea.lib.tokens.HMAC.HmacOtp
object at 0x7eff3494ed90>, u’528864’, 6) and keywords {‘symetric’: True}
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:145]
OTP range counter: 48739735 - 48739747
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.crypto:118]
Entering decrypt with arguments
(‘\x0c\x9be\x17\xa5\x83\x8ff\xec4\x80\x14\x83q\xb8\xe2\xa1\xbaEA2\xd4\x9d\x95\xf9\xaf\xaf\x7f\x8e\xb8\\xa4\x06\x8e\x95&Y\xe7\x88\xac\xe4\xf39\xb4\xb4\x94\xc10\xe5\xf2\x12\xa6\x0e\xd8\xfa\xd4\xb7x@\x13\xb4\x98\xc0I\xc4e3>[\xc1,\xef\x8a\xed\xc6\x14\xb2\xf50\xba4{\xd13"\xc8\xd94H\x9e\x9a\x9e\t\x8bZ%’,
‘x\xb0\xb4\xe13\x18x\xcd\xfeP\x946j\x85m8’) and keywords {}
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.crypto:131]
Exiting decrypt with result HIDDEN
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739735: u’528864’ ‘293480’
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739736: u’528864’ ‘515118’
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739737: u’528864’ ‘642527’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739738: u’528864’ ‘598887’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739739: u’528864’ ‘835559’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739740: u’528864’ ‘224614’
[2016-05-02
17:31:00,964][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149]
calculating counter 48739741: u’528864’ ‘528864’
[2016-05-02
17:31:00,965][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:129]
Exiting checkOtp with result 48739741
[2016-05-02
17:31:00,994][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:347]
last auth : datetime.datetime(2016, 5, 1, 22, 56, 45)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:348]
tokentime : datetime.datetime(2016, 5, 2, 17, 30, 15)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:349]
now : datetime.datetime(2016, 5, 2, 17, 31)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:350]
delta : -45.0
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:354]
the counter 48739741 matched. New shift: -45.0
[2016-05-02
17:31:01,116][1956][139634842126144][DEBUG][privacyidea.lib.token:129]
Exiting check_token_list with result (True, {‘serial’: u’TOTP0000B35A’,
‘type’: u’totp’, ‘message’: ‘matching 1 tokens’})
[2016-05-02
17:31:01,117][1956][139634842126144][DEBUG][privacyidea.lib.token:129]
Exiting check_user_pass with result (True, {‘serial’: u’TOTP0000B35A’,
‘type’: u’totp’, ‘message’: ‘matching 1 tokens’})

On Tuesday, April 26, 2016 at 7:12:18 PM UTC+5, Cornelius Kölbel wrote:

Hi Zia,

unforutnately you did not answer my question.
It is hard to help you, if I only get 50% of information I requested.
This is why the best way is, to take a look at it.

Your problem is uncommon and not reproducable. You are having an error
in the log, which usually would not occur! So we need to take the look.
(Or you need to dig into it yourself. My crystal ball is broken)
I very much assume, that you configured something wrong.
Honestly, what are you expecting with the information you are providing?

Get a workshop. In a remote session in a non-sensitive environment. Then
we might realize, what was misconfigured.

Kind regards
Cornelius

Am Dienstag, den 26.04.2016, 06:44 -0700 schrieb Zia-ul-Hassan Siddique:

I am doing a PoC install which may lead different sensitive institutes
to deploy and hence get SLA at larg scale if PoC is proven to them.
Purchasing remote access support is currently out of scope due to
access level restrictions of the environment till higher Ops are
willing to deploy it in production.

I have tried the same with web based “Tocken Check” option in PI Web
page… Results was “wrong OTP Pin”.
Is it possible to deploy older versions of PI for R&D for comparative
analysis?

Best Regards,
Zia

On Monday, April 25, 2016 at 1:30:03 PM UTC+5, Cornelius Kölbel wrote:
Hi Ziu,

    I can not confirm that LDAP+OTP is not working. 
    
    So the question is, what is special at your setup. 
    
    I am confused by this error: 

11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]

    The user User(login=u'', realm=u'zpi', resolver='') exists in 
    NO 
    resolver. 
    
    Did you also check via the API in the browser? 
    ...or only via your application. 
    
    I you are representing a company you could order half an hour 
    or an hour 
    remote session. 
    
    Kind regards 
    Cornelius 
    
    
    Am Sonntag, den 24.04.2016, 23:43 -0700 schrieb Zia-ul-Hassan 
    Siddique: 
    > Hi, 
    >  I have done the guided steps. 
    > PIN+OTP is its default. 
    > LDAP+OTP is not working. 
    > Pasthru works fine and LDAP Authentication is perfect. 
    > i have tried posste append and pre-append, both work with 
    PIN but not 
    > with LDAP when com bined with OTP. 
    > 
    > 
    > following are the logs 
    > 
    > 
    > [2016-04-25 
    > 

11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328]

    > User '' from realm u'zpi' tries to authenticate 
    > [2016-04-25 
    > 

11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344]

    > The user User(login=u'', realm=u'zpi', resolver='') exists 
    in NO 
    > resolver. 
    > [2016-04-25 
    > 

11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > [2016-04-25 
    > 

11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328]

    > User '' from realm u'zpi' tries to authenticate 
    > [2016-04-25 
    > 

11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344]

    > The user User(login=u'', realm=u'zpi', resolver='') exists 
    in NO 
    > resolver. 
    > [2016-04-25 
    > 

11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188]

    > user u'user3' found in resolver u'zaxis' 
    > [2016-04-25 
    > 

11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189]

    > userid resolved to '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    > 
    > 
    > I have used Ubuntu packages to install and configure as 
    directed in 
    > "Documents". 
    > 
    > 
    > 
    > 
    > Please help me in this regard, 
    > Zia 
    > 
    > 
    > 
    > 
    > On Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius  Kölbel  wrote: 
    >         Hi Zia, 
    >         
    >         there are some things you can please do to narrow 
    down your 
    >         issue: 
    >         
    >         1. please check the prepend PIN in the system 
    settings. You 
    >         could auth 
    >            with either <WinPW><OTP> or <OTP><WinPW>. 
    >         
    >         2. Check if authentication with OTP PIN works. 
    (Remove 
    >         otppin:userstore) 
    >         
    >         3. There is no need to specify the resolver or the 
    realm 
    >         unless you 
    >            have a complicated setup. 
    >         
    >         3a. Please remove the resolver from the policy 
    >         
    >         3b. Please remove the realm from the policy. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb 
    Zia-ul-Hassan 
    >         Siddique: 
    >         >         Hi. 
    >         > authentication { "passthru": "userstore", 
    "otppin": 
    >         "userstore" } 
    >         > [ "zaxis" ] [] [ "zaxis" ] [] 
    >         > 
    >         > 
    >         > i have tried a previous version of PI and there it 
    was 
    >         working as 
    >         > expected that WinPassword+TOTP was authenticated 
    by PI. 
    >         > 
    >         > 
    >         > This is not happening in  current release 
    >         > regards, 
    >         > zia 
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy 
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         > 
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a 
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY 
    and 
    >         LIABILITY: 
    >         > 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/d01b2cdc-6451-4640-b996-3a7e23c9594b%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/64a4c599-6cf2-4080-9df1-3316f8464329%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Zia,

thanks a lot.
Some claimed I would als do a good social worker.
Interesting. In fact I am a community worker :wink:
…at least for privacyIDEA community.

So you are telling that your authentication against privacyIDEA with
LDAP+OTP works fine. But not with radius.

I have a feeling here: Could it be that you have some characters in your
LDAP-password that break the freeradius module/plugin…?

If authentication with LDAP+OTP works within privacyIDEA but not in
RADIUS, then the problem must be located in the RADIUS server/plugin.
And the first thing I would think of is the one mentioned above.
So please try with a “simple” LDAP password.

Kind regards
CorneliusAm Montag, den 02.05.2016, 07:03 -0700 schrieb Zia-ul-Hassan Siddique:

Dear Cornelius,

I admire your patience and content support. I have tried pi-manage
validate option which works fine with following console output.
Using PI_LOGFILE /var/log/privacyidea/privacyidea.log.

         _                    _______  _______

___ () _____ _______ __/ / _ / __/ _ |
/ _ / __/ / |/ / _ `/ / // // // // / _// __ |
/ .
/
/ /
/|
/_,/_/_, ///// ||
/
/ /___/

/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py:459:
SAWarning: Unicode type received non-unicode bind param value
param.append(processorskey)
RESULT=True
DETAILS={‘serial’: u’TOTP0000B35A’, ‘type’: u’totp’, ‘message’:
‘matching 1 tokens’}
root@authz:~#

but this is not in case if i try same login via radius. However radius
works fine with pasthru or tpin+otp but causes trouble only with
ADPASS+OTP


i have tried ubuntu lts 14.04 and PI with apache2…

Should i try some other OS or Install method?

Kind Regards,
Zia

[2016-05-02
17:31:00,898][1956][139634842126144][DEBUG][privacyidea.models:118]
Entering get_otpkey with arguments (<<class
‘privacyidea.models.Token’> {“‘active’”: ‘True’, “‘count_window’”:
‘20L’, “‘key_enc’”:
“u’0c9b6517a5838f66ec3480148371b8e2a1ba454132d49d95f9afaf7f8eb85ca4068e952659e788ace4f339b4b494c130e5f212a60ed8fad4b7784013b498c049c465333e5bc12cef8aedc614b2f530ba347bd13322c8d934489e9a9e098b5a25’”, “‘pin_hash’”: “u’45c72af9c5fde577372ab4dd9dfaadd7e12f0bdf8e131268d3ce5440a77c7929’”, “‘so_pin’”: “u’'”, “‘user_id’”: “u’4660a08f-af03-453c-9f2e-f93ddf7cb8a3’”, “‘otplen’”: ‘6L’, “‘so_pin_iv’”: “u’'”, “‘serial’”: “u’TOTP0000B35A’”, “‘revoked’”: ‘False’, “‘locked’”: ‘False’, “‘maxfail’”: ‘1000L’, “‘realm_list’”: ‘[<privacyidea.models.TokenRealm object at 0x7eff34982e50>]’, “‘count’”: ‘48737514L’, “‘pin_seed’”: “u’a4c108baf9695ce91bed8e9b0780285b’”, “‘sync_window’”: ‘1000L’, “‘description’”: “u’'”, “‘resolver_type’”: “u’ldapresolver’”, “‘user_pin_iv’”: “u’'”, “‘user_pin’”: “u’'”, “‘rollout_state’”: “u’'”, “‘failcount’”: ‘6L’, “‘_sa_instance_state’”: ‘<sqlalchemy.orm.state.InstanceState object at 0x7eff34a53850>’, “‘id’”: ‘4L’, “‘resolver’”: “u’localhost’”, “‘key_iv’”: “u’78b0b4e1331878cdfe5094366a856d38’”, “‘tokentype’”: “u’totp’”}>,) and keywords {}
[2016-05-02
17:31:00,899][1956][139634842126144][DEBUG][privacyidea.models:129]
Exiting get_otpkey with result <privacyidea.lib.crypto.SecretObj
object at 0x7eff34941350>
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:118] Entering checkOtp with arguments (<privacyidea.lib.tokens.HMAC.HmacOtp object at 0x7eff3494ed90>, u’528864’, 6) and keywords {‘symetric’: True}
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:145] OTP range counter: 48739735 - 48739747
[2016-05-02
17:31:00,961][1956][139634842126144][DEBUG][privacyidea.lib.crypto:118] Entering decrypt with arguments (‘\x0c\x9be\x17\xa5\x83\x8ff\xec4\x80\x14\x83q\xb8\xe2\xa1\xbaEA2\xd4\x9d\x95\xf9\xaf\xaf\x7f\x8e\xb8\\xa4\x06\x8e\x95&Y\xe7\x88\xac\xe4\xf39\xb4\xb4\x94\xc10\xe5\xf2\x12\xa6\x0e\xd8\xfa\xd4\xb7x@\x13\xb4\x98\xc0I\xc4e3>[\xc1,\xef\x8a\xed\xc6\x14\xb2\xf50\xba4{\xd13"\xc8\xd94H\x9e\x9a\x9e\t\x8bZ%’, ‘x\xb0\xb4\xe13\x18x\xcd\xfeP\x946j\x85m8’) and keywords {}
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.crypto:131] Exiting decrypt with result HIDDEN
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739735: u’528864’ ‘293480’
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739736: u’528864’ ‘515118’
[2016-05-02
17:31:00,962][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739737: u’528864’ ‘642527’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739738: u’528864’ ‘598887’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739739: u’528864’ ‘835559’
[2016-05-02
17:31:00,963][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739740: u’528864’ ‘224614’
[2016-05-02
17:31:00,964][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:149] calculating counter 48739741: u’528864’ ‘528864’
[2016-05-02
17:31:00,965][1956][139634842126144][DEBUG][privacyidea.lib.tokens.HMAC:129] Exiting checkOtp with result 48739741
[2016-05-02
17:31:00,994][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:347] last auth : datetime.datetime(2016, 5, 1, 22, 56, 45)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:348] tokentime : datetime.datetime(2016, 5, 2, 17, 30, 15)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:349] now : datetime.datetime(2016, 5, 2, 17, 31)
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:350] delta : -45.0
[2016-05-02
17:31:00,995][1956][139634842126144][DEBUG][privacyidea.lib.tokens.totptoken:354] the counter 48739741 matched. New shift: -45.0
[2016-05-02
17:31:01,116][1956][139634842126144][DEBUG][privacyidea.lib.token:129]
Exiting check_token_list with result (True, {‘serial’:
u’TOTP0000B35A’, ‘type’: u’totp’, ‘message’: ‘matching 1 tokens’})
[2016-05-02
17:31:01,117][1956][139634842126144][DEBUG][privacyidea.lib.token:129]
Exiting check_user_pass with result (True, {‘serial’: u’TOTP0000B35A’,
‘type’: u’totp’, ‘message’: ‘matching 1 tokens’})

On Tuesday, April 26, 2016 at 7:12:18 PM UTC+5, Cornelius Kölbel wrote:
Hi Zia,

    unforutnately you did not answer my question. 
    It is hard to help you, if I only get 50% of information I
    requested. 
    This is why the best way is, to take a look at it. 
    
    Your problem is uncommon and not reproducable. You are having
    an error 
    in the log, which usually would not occur! So we need to take
    the look. 
    (Or you need to dig into it yourself. My crystal ball is
    broken) 
    I very much assume, that you configured something wrong. 
    Honestly, what are you expecting with the information you are
    providing? 
    
    Get a workshop. In a remote session in a non-sensitive
    environment. Then 
    we might realize, what was misconfigured. 
    
    Kind regards 
    Cornelius 
    
    
    Am Dienstag, den 26.04.2016, 06:44 -0700 schrieb Zia-ul-Hassan
    Siddique: 
    > I am doing a PoC install which may lead different sensitive
    institutes 
    > to  deploy and hence get SLA at larg scale if PoC is proven
    to them. 
    > Purchasing remote access support is currently out of scope
    due to 
    > access level restrictions of the environment till higher Ops
    are 
    > willing to deploy it in production. 
    > 
    > 
    > I have tried the same with web based "Tocken Check" option
    in PI Web 
    > page..... Results was "wrong OTP Pin". 
    > Is it possible to deploy older versions of PI for R&D for
    comparative 
    > analysis? 
    > 
    > 
    > Best Regards, 
    > Zia 
    > 
    > On Monday, April 25, 2016 at 1:30:03 PM UTC+5, Cornelius Kölbel wrote: 
    >         Hi Ziu, 
    >         
    >         I can not confirm that LDAP+OTP is not working. 
    >         
    >         So the question is, what is special at your setup. 
    >         
    >         I am confused by this error: 
    >         
    >
    11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344] 
    >         The user User(login=u'', realm=u'zpi', resolver='')
    exists in 
    >         NO 
    >         resolver. 
    >         
    >         Did you also check via the API in the browser? 
    >         ...or only via your application. 
    >         
    >         I you are representing a company you could order
    half an hour 
    >         or an hour 
    >         remote session. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         
    >         Am Sonntag, den 24.04.2016, 23:43 -0700 schrieb
    Zia-ul-Hassan 
    >         Siddique: 
    >         > Hi, 
    >         >  I have done the guided steps. 
    >         > PIN+OTP is its default. 
    >         > LDAP+OTP is not working. 
    >         > Pasthru works fine and LDAP Authentication is
    perfect. 
    >         > i have tried posste append and pre-append, both
    work with 
    >         PIN but not 
    >         > with LDAP when com bined with OTP. 
    >         > 
    >         > 
    >         > following are the logs 
    >         > 
    >         > 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,710][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,711][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,760][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,761][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,799][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,842][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:33:59,983][1226][140569441117952][INFO][privacyidea.lib.user:328] 
    >         > User '' from realm u'zpi' tries to authenticate 
    >         > [2016-04-25 
    >         > 
    >
    11:34:00,006][1226][140569441117952][ERROR][privacyidea.lib.user:344] 
    >         > The user User(login=u'', realm=u'zpi',
    resolver='') exists 
    >         in NO 
    >         > resolver. 
    >         > [2016-04-25 
    >         > 
    >
    11:34:00,082][1226][140569441117952][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:00,083][1226][140569441117952][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,484][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,525][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,526][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,554][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,555][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,589][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,590][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,718][1226][140569474688768][INFO][privacyidea.lib.user:328] 
    >         > User '' from realm u'zpi' tries to authenticate 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,737][1226][140569474688768][ERROR][privacyidea.lib.user:344] 
    >         > The user User(login=u'', realm=u'zpi',
    resolver='') exists 
    >         in NO 
    >         > resolver. 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,808][1226][140569474688768][INFO][privacyidea.lib.user:188] 
    >         > user u'user3' found in resolver u'zaxis' 
    >         > [2016-04-25 
    >         > 
    >
    11:34:45,809][1226][140569474688768][INFO][privacyidea.lib.user:189] 
    >         > userid resolved to
    '3210bcb9-f581-4463-ae42-336a7c7392b6' 
    >         > 
    >         > 
    >         > I have used Ubuntu packages to install and
    configure as 
    >         directed in 
    >         > "Documents". 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > Please help me in this regard, 
    >         > Zia 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > On Thursday, April 21, 2016 at 2:22:25 PM UTC+5, Cornelius  Kölbel  wrote: 
    >         >         Hi Zia, 
    >         >         
    >         >         there are some things you can please do to
    narrow 
    >         down your 
    >         >         issue: 
    >         >         
    >         >         1. please check the prepend PIN in the
    system 
    >         settings. You 
    >         >         could auth 
    >         >            with either <WinPW><OTP> or
    <OTP><WinPW>. 
    >         >         
    >         >         2. Check if authentication with OTP PIN
    works. 
    >         (Remove 
    >         >         otppin:userstore) 
    >         >         
    >         >         3. There is no need to specify the
    resolver or the 
    >         realm 
    >         >         unless you 
    >         >            have a complicated setup. 
    >         >         
    >         >         3a. Please remove the resolver from the
    policy 
    >         >         
    >         >         3b. Please remove the realm from the
    policy. 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Mittwoch, den 20.04.2016, 16:14 -0700 schrieb 
    >         Zia-ul-Hassan 
    >         >         Siddique: 
    >         >         >         Hi. 
    >         >         > authentication { "passthru":
    "userstore", 
    >         "otppin": 
    >         >         "userstore" } 
    >         >         > [ "zaxis" ] [] [ "zaxis" ] [] 
    >         >         > 
    >         >         > 
    >         >         > i have tried a previous version of PI
    and there it 
    >         was 
    >         >         working as 
    >         >         > expected that WinPassword+TOTP was
    authenticated 
    >         by PI. 
    >         >         > 
    >         >         > 
    >         >         > This is not happening in  current
    release 
    >         >         > regards, 
    >         >         > zia 
    >         >         > -- 
    >         >         > Please read the blog post about getting
    help 
    >         >         >
    https://www.privacyidea.org/getting-help/. 
    >         >         >   
    >         >         > For professional services and
    consultancy 
    >         regarding two 
    >         >         factor 
    >         >         > authentication please visit 
    >         >         > 
    >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >         >   
    >         >         > In an enterprise environment you should
    get a 
    >         SERVICE LEVEL 
    >         >         AGREEMENT 
    >         >         > which suites your needs for SECURITY,
    AVAILABILITY 
    >         and 
    >         >         LIABILITY: 
    >         >         > 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         >         > --- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > Visit this group at 
    >         >
    https://groups.google.com/group/privacyidea. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/4ec957f8-8c80-45eb-886d-0e764d386f03%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > Please read the blog post about getting help 
    >         > https://www.privacyidea.org/getting-help/. 
    >         >   
    >         > For professional services and consultancy
    regarding two 
    >         factor 
    >         > authentication please visit 
    >         >
    https://netknights.it/en/leistungen/one-time-services/ 
    >         >   
    >         > In an enterprise environment you should get a
    SERVICE LEVEL 
    >         AGREEMENT 
    >         > which suites your needs for SECURITY, AVAILABILITY
    and 
    >         LIABILITY: 
    >         > 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    >         > --- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > Visit this group at 
    >         https://groups.google.com/group/privacyidea. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/d01b2cdc-6451-4640-b996-3a7e23c9594b%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/64a4c599-6cf2-4080-9df1-3316f8464329%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/bc04f6f3-3af2-4954-b9a6-38c44e2018d1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)