Hi all,

I' m trying to enable OTP:

- Enabled "Two factor authentication (password + OTP)" for a particular user.
- Added a OTP token, FreeOTP on an Android that is, for the user which all went fine.

Trying to login will fail. After several attempts, systemctl --failed will tell:


  UNIT                       LOAD   ACTIVE SUB    DESCRIPTION
* ipa-otpd@0-1642-0.service  loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@1-1642-0.service  loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@10-1642-0.service loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@11-1642-0.service loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@12-1642-0.service loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@13-1643-0.service loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@14-1643-0.service loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@15-1643-0.service loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@16-1643-0.service loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@2-1642-0.service  loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@3-1643-0.service  loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@4-1643-0.service  loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@5-1643-0.service  loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@6-1642-0.service  loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@7-1642-0.service  loaded failed failed ipa-otpd service (PID 1642/UID 0)
* ipa-otpd@8-1643-0.service  loaded failed failed ipa-otpd service (PID 1643/UID 0)
* ipa-otpd@9-1643-0.service  loaded failed failed ipa-otpd service (PID 1643/UID 0)

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

17 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

Journalctl will tell some more:

root@ipa log]# journalctl -f -u ipa-otpd@9-1643-0.service
-- Logs begin at Fri 2016-01-29 10:14:55 CET. --
Feb 02 11:03:19 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Main process exited, code=exited, status=1/FAILURE
Feb 02 11:03:19 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Unit entered failed state.
Feb 02 11:03:19 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Failed with result 'exit-code'.
Feb 02 11:04:31 ipa.blabla.bla systemd[1]: Started ipa-otpd service (PID 1643/UID 0).
Feb 02 11:04:31 ipa.blabla.bla systemd[1]: Starting ipa-otpd service (PID 1643/UID 0)...
Feb 02 11:04:31 ipa.blabla.bla ipa-otpd[2924]: LDAP: ldapi://%2fvar%2frun%2fslapd-BLABLA-BLA.socket
Feb 02 11:05:23 ipa.blabla.bla ipa-otpd[2924]: stdio.c:073: Invalid argument: Error receiving packet
Feb 02 11:05:23 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Main process exited, code=exited, status=1/FAILURE
Feb 02 11:05:23 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Unit entered failed state.
Feb 02 11:05:23 ipa.blabla.bla systemd[1]: ipa-otpd@9-1643-0.service: Failed with result 'exit-code'.


What' s going wrong here?

Winny
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to