[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:40] CSample_CreateInstance - FILTER START
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp
:141] CCredentialProviderFilter::CCredentialProviderFilter
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:62] CCredentialProviderFilter::Filter CPUS_LOGON
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:69] Filter disabled by registry setting!
[19-06-2023 14:26:51] [CProvider.cpp:82] CProvider::SetUsageScenario: CPUS_LOGON - AUTHENTICATION START
[19-06-2023 14:26:51] [Configuration.cpp:144] -----------------------------
[19-06-2023 14:26:51] [Configuration.cpp:145] CP Version: 3.3.0
[19-06-2023 14:26:51] [Configuration.cpp:147] Windows Version: 10.0.17763
[19-06-2023 14:26:51] [Configuration.cpp:148] ------- Configuration -------
[19-06-2023 14:26:51] [Configuration.cpp:149] Hostname: myPIserver.newDomain.com
[19-06-2023 14:26:51] [Configuration.cpp:138] Login text: privacyIDEA Login
[19-06-2023 14:26:51] [Configuration.cpp:138] OTP failure text: Wrong One-Time Password!
[19-06-2023 14:26:51] [Configuration.cpp:162] Hide domain/full name: false/false
[19-06-2023 14:26:51] [Configuration.cpp:163] SSL ignore unknown CA/invalid CN: true/true
[19-06-2023 14:26:51] [Configuration.cpp:166] 2step enabled/send empty/domain password: true/false/true
[19-06-2023 14:26:51] [Configuration.cpp:167] Debug Log: true
[19-06-2023 14:26:51] [Configuration.cpp:168] Log sensitive data: true
[19-06-2023 14:26:51] [Configuration.cpp:169] No default: false
[19-06-2023 14:26:51] [Configuration.cpp:170] Show domain hint: false
[19-06-2023 14:26:51] [Configuration.cpp:125] Offline refill threshold: 0
[19-06-2023 14:26:51] [Configuration.cpp:189] -----------------------------
[19-06-2023 14:26:51] [Shared.cpp:30] Shared::IsRequiredForScenario
[19-06-2023 14:26:51] [Shared.cpp:138] Session is local
[19-06-2023 14:26:51] [Shared.cpp:66] Checking for Provider, CPUS_LOGON, local, entry=0e
[19-06-2023 14:26:51] [CProvider.cpp:120] SetUsageScenario result: 0x0
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:40] CSample_CreateInstance - FILTER START
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:141] CCredentialProviderFilter::CCredentialProviderFilter
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:62] CCredentialProviderFilter::Filter CPUS_PLAP
[19-06-2023 14:26:51] [CCredentialProviderFilter.cpp:69] Filter disabled by registry setting!
[19-06-2023 14:26:51] [CProvider.cpp:226] CProvider::Advise
[19-06-2023 14:26:51] [CProvider.cpp:345] CProvider::GetCredentialCount
[19-06-2023 14:26:51] [CProvider.cpp:385] CProvider::GetCredentialAt
[19-06-2023 14:26:51] [CProvider.cpp:392] Checking if already serialized credentials are present
[19-06-2023 14:26:51] [CProvider.cpp:529] CProvider::_GetSerializedCredentials
[19-06-2023 14:26:51] [CProvider.cpp:435] Looking-up missing domain name from computer
[19-06-2023 14:26:51] [CProvider.cpp:446] Found domain:oldDomain
[19-06-2023 14:26:51] [CProvider.cpp:450] Initializing CCredential
[19-06-2023 14:26:51] [CCredential.cpp:75] CCredential::Initialize
[19-06-2023 14:26:51] [CCredential.cpp:109] Username from provider: empty
[19-06-2023 14:26:51] [CCredential.cpp:110] Domain from provider: oldDomain
[19-06-2023 14:26:51] [CCredential.cpp:113] Password from provider: empty
[19-06-2023 14:26:51] [CCredential.cpp:148] Init result: 0x0
[19-06-2023 14:26:51] [CProvider.cpp:476] Returning interface to credential
[19-06-2023 14:26:51] [CProvider.cpp:499] GetCredentialAt result 0x0
[19-06-2023 14:26:51] [CProvider.cpp:267] CProvider::GetFieldDescriptorCount
[19-06-2023 14:26:51] [CCredential.cpp:334] CCredential::GetBitmapValue
[19-06-2023 14:26:51] [CCredential.cpp:381] (long) 0
[19-06-2023 14:26:51] [CCredential.cpp:395] CCredential::GetSubmitButtonValue
[19-06-2023 14:26:51] [CCredential.cpp:191] CCredential::SetSelected
[19-06-2023 14:27:09] [CCredential.cpp:782] CCredential::Connect: CREDENTIAL SUBMITTED - step 1
[19-06-2023 14:27:09] [Utilities.cpp:636] Utilities::CopyInputsToConfig
[19-06-2023 14:27:09] [Utilities.cpp:682] Loading user and domain from GUI: 'newDomain\jonw'
[19-06-2023 14:27:09] [Utilities.cpp:690] Changing user from '' to 'jonw'
[19-06-2023 14:27:09] [Utilities.cpp:700] Changing domain from 'oldDomain' to 'newDomain'
[19-06-2023 14:27:09] [Utilities.cpp:723] Loading password from GUI, value:
[19-06-2023 14:27:09] [Utilities.cpp:726] MyCorrectPassword341228
[19-06-2023 14:27:09] [Utilities.cpp:747] Loading OTP from GUI, from '' to ''
[19-06-2023 14:27:09] [CCredential.cpp:843] 1st step: Sending windows pass
[19-06-2023 14:27:09] [PrivacyIDEA.cpp:96] PrivacyIDEA::ValidateCheck
[19-06-2023 14:27:09] [Endpoint.cpp:164] Endpoint::SendRequest to /validate/check
[19-06-2023 14:27:09] [Endpoint.cpp:72] Request parameters:
[19-06-2023 14:27:09] [Endpoint.cpp:79] pass=MyCorrectPassword341228
[19-06-2023 14:27:09] [Endpoint.cpp:79] user=jonw
"detail": {
"message": "matching 1 tokens",
"otplen": 6,
"serial": "TOTP00020037",
"threadid": 140011323590208,
"type": "totp"
},
"id": 2,
"jsonrpc": "2.0",
"result": {
"authentication": "ACCEPT",
"status": true,
"value": true
},
"signature": "rsa_sha256_pss:2c3db269df8a67151aeede0593a71ba863a35db3c397e5400e859ab65db545d6bba5f8a63974139184977ec74c8a2b2227bfb49a6858676c6c08f11476dd9d0ff056841eba173adef2210cfc31543415a8301339b15f9c9993dbca3cee66e8285491bcd6e6bec3016c998190451c1cada3393f7026684b25e2efd3cb94ae049a225d83c7e29591eb8712ce322d3d29d169d5947d58170e28782d7ed10b6104fa7117edf318359ac778104e24bb300191549560e8487c1a432dfd5bf6cb4c1c15c83a23239553110d9b9799cc789fe04fb2269a8a1d870db2c8874296967937d62258676089a95ec6de21879f9cc2d95fc732f019404c27203ed7d9e8f7cec204",
"time": 1687177673.7343698,
"version": "privacyIDEA 3.8.1",
"versionnumber": "3.8.1"
}
[19-06-2023 14:27:25] [JsonParser.cpp:225] JsonParser::ParseResponseForOfflineData
[19-06-2023 14:27:25] [JsonParser.cpp:53] JsonParser::ParsePIResponse
[19-06-2023 14:27:25] [CCredential.cpp:957] Authentication complete: true
[19-06-2023 14:27:25] [CCredential.cpp:958] Connect - END
[19-06-2023 14:27:25] [CCredential.cpp:608] CCredential::GetSerialization
[19-06-2023 14:27:25] [PrivacyIDEA.cpp:186] Stopping poll thread...
[19-06-2023 14:27:25] [Utilities.cpp:47] Utilities::KerberosLogon - Packing Credential with:
[19-06-2023 14:27:25] [Utilities.cpp:57] Username: jonw
[19-06-2023 14:27:25] [Utilities.cpp:59] Password: MyCorrectPassword341228
[19-06-2023 14:27:25] [Utilities.cpp:60] Domain: newDomain
[19-06-2023 14:27:25] [Utilities.cpp:445] Utilities::Clear
[19-06-2023 14:27:25] [CCredential.cpp:747] CPGSR_RETURN_CREDENTIAL_FINISHED
[19-06-2023 14:27:25] [CCredential.cpp:752] CCredential::GetSerialization - END
[19-06-2023 14:27:25] [CCredential.cpp:1012] CCredential::ReportResult
[19-06-2023 14:27:25] [CCredential.cpp:1014] ntsStatus: 0xc000006d, ntsSubstatus: 0x0
[19-06-2023 14:27:25] [CCredential.cpp:1023] Complete reset!
[19-06-2023 14:27:25] [Utilities.cpp:771] Utilities::ResetScenario
[19-06-2023 14:27:25] [Utilities.cpp:346] SetScenario: LOGON_TWO_STEP
[19-06-2023 14:27:25] [Utilities.cpp:489] Utilities::SetFieldStatePairBatch
[19-06-2023 14:27:28] [CCredential.cpp:191] CCredential::SetSelected
[19-06-2023 14:27:29] [CCredential.cpp:257] CCredential::SetDeselected
[19-06-2023 14:27:29] [Utilities.cpp:445] Utilities::Clear
[19-06-2023 14:27:29] [Utilities.cpp:771] Utilities::ResetScenario
[19-06-2023 14:27:29] [Utilities.cpp:346] SetScenario: LOGON_TWO_STEP
[19-06-2023 14:27:29] [Utilities.cpp:489] Utilities::SetFieldStatePairBatch
[19-06-2023 14:27:34] [CProvider.cpp:244] CProvider::UnAdvise - AUTHENTICATION END
[19-06-2023 14:27:34] [Utilities.cpp:445] Utilities::Clear
Thanks for your reply! This is what my log looks like. I just anonymized my private values (to ‘oldDomain’, ‘NewDomain’, ‘MyCorrectPassword’ and ‘jonw’). My password is transmitted correctly with the totp value. I think it’s strange. that he logs Loading OTP from GUI, from '' to '' but the privacyidea audit seems to be happy with the provided credentials…
I also tried setting otppin=none like suggested here: PI credential provider and AD authentication failure but it didn’t work for me.