Hello,
Our previous privacyIDEA administrator left the company and I’ve been tasked with taking over. For over a year, our OTP cards have been working as expected. Recently, however, we’ve noticed several of our OTP cards “falling out of sync” with the server. I’ve tried a couple of solutions posted online, but I believe our system settings might be off because the “resync token” option is not working. Can anyone possibly offer some guidance?
Current system settings:
Thank you!
From this information it is impossible to tell.
If you are sure, this is the right card…
if you are sure the system has the correct encryption key…
…then I would probably increase the sync window to maybe 10000.
Then resync should more probalby work.
Then I would observe how the timeShift had changed and try to continue understand what happend.
Might be anything like side effect of your installation type and update procedure.
Thank you very much for your response, @cornelinux!
I can confirm that this is definitely an affected card.
The system is still working for 95% of our other OTP cards, but a minority are beginning to fall out of sync. The system was also working for 100% of our OTP cards for over a year. I assume this means that the encryption key must be correct?
I did previously try changing the sync window to 10000 for this particular card, and the resync still didn’t work. Do I need to change the system settings sync window to 10000, as well? What specific changes am I looking for in the timeShift, and what do they tell me?
Any other information I could provide to help investigate? Apologies in advance for being a novice.
