| *** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 13:03 | |
| nowen | morning | 13:04 |
|---|---|---|
| nowen | back in a bit | 13:08 |
| nowen | ARG: how goes it? | 13:34 |
| ARG | Hey good morning I have the radius configured but how do I add users to wikid | 15:09 |
| nowen | for one, you can add your domain to a token, then go under Users/Add a user manually and click on the reg code | 15:10 |
| nowen | you can also do it programmatically, but I would wait on that | 15:10 |
| ARG | the user manually tab after you click on it is missing the enable botton | 15:14 |
| nowen | do you see a registration code listed? | 15:16 |
| ARG | no | 15:16 |
| nowen | do you have a token? | 15:17 |
| ARG | I'm not sure If I do | 15:18 |
| nowen | get one here: http://www.wikidsystems.com/downloads/token-clients | 15:18 |
| ARG | Ok I see thanks let play with this now | 15:19 |
| ARG | So the Token needs to be download on every user device that requier authentication | 15:34 |
| ARG | I found a video with the instruction | 15:38 |
| ARG | I'm getting this:The wClient connection to the server was NOT successfully established when trying to test the wAuth | 17:03 |
| nowen | on example.jsp? | 17:04 |
| ARG | yes | 17:04 |
| nowen | you edited the file? changing the localhost passphras? | 17:04 |
| ARG | yes | 17:05 |
| nowen | and then, did you restart wikid? | 17:05 |
| ARG | no | 17:05 |
| nowen | try that | 17:05 |
| ARG | ok | 17:06 |
| ARG | is working now | 17:09 |
| nowen | nice | 17:09 |
| nowen | it will show you the whole API | 17:09 |
| ARG | The WAuth test passed | 17:13 |
| ARG | now this is not working https://server/wikid/ADRegister/ADRegister.jsp | 17:14 |
| nowen | did you edit that file? | 17:14 |
| ARG | what file | 17:14 |
| nowen | ADRegister.jsp | 17:15 |
| ARG | I think I did yesterday | 17:15 |
| ARG | I made some changes to the file | 17:15 |
| nowen | any error? | 17:15 |
| ARG | yes it resjected my login | 17:16 |
| ARG | Authentication to the directory failed for | 17:16 |
| nowen | did you login using your AD creds? | 17:16 |
| ARG | I'm using radius | 17:16 |
| nowen | that file allows users to login with their AD creds and register their own token | 17:17 |
| nowen | once registered, they can login to a radius network client using WiKID | 17:17 |
| ARG | is not working for me any idea why | 17:18 |
| ARG | is there a way to test the radius | 17:18 |
| nowen | yes - set up a radius network client | 17:18 |
| ARG | I did | 17:19 |
| nowen | and does it work? | 17:19 |
| ARG | no | 17:19 |
| nowen | what error do you get in the WiKIDAdmin logs? | 17:19 |
| ARG | I can see that is setup on the netwokd client tab | 17:20 |
| nowen | http://www.wikidsystems.com/support/wikid-support-center/troubleshooting-faq/how-can-i-set-radius-logging-to-debug-how-can-i-see-if-wikid-is-getting-the-radius-requests?searchterm=radius+debug | 17:20 |
| ARG | this is the only error on the logs: 2013-03-29 10:39:49.119ERRORcom.wikidsystems.client.wClientERROR: java.io.IOException: PKCS12 key store mac invalid - wrong password or corrupted file. | 17:42 |
| nowen | set the log level to debug and hit filter | 17:43 |
| ARG | no errors on the radius logs | 17:43 |
| ARG | I already did | 17:43 |
| ARG | I followed the link instruction | 17:43 |
| nowen | which loggers do you have set for debug? | 17:43 |
| nowen | so you have 4 loggers to debug? | 17:44 |
| ARG | To enable debugging for radius, go to Logs/Configure Loggers and set com.wikidsystems and com.wikidsystems.wauth to debug and add com.wikidsystems.radius.log.DBSvrLogImpl and set it to debug as well. | 17:44 |
| nowen | ok | 17:44 |
| nowen | did you get an OTP from the token? | 17:44 |
| ARG | The token is working no problem | 17:44 |
| nowen | you should see the OTP request from the token in the logs | 17:45 |
| ARG | ok let me see | 17:45 |
| ARG | I don't see anything | 17:46 |
| ARG | maybe this ERROR: java.io.IOException: PKCS12 key store mac invalid - wrong password or corrupted file. | 17:48 |
| ARG | is there a way I can send you a screenshot | 17:48 |
| nowen | cut and paste the text into pastebin.org | 17:49 |
| nowen | and then paste the url they give you here | 17:49 |
| nowen | is the that error repeating? | 17:49 |
| nowen | because I am assuming it is from your example.jsp or adregister.jsp hits | 17:50 |
| ARG | yes it is an example but the first one I sent you is not | 17:51 |
| nowen | what is the time on the pkcs error? | 17:52 |
| ARG | 2013-03-29 10:39:49.119 | 17:53 |
| nowen | so, not recent | 17:54 |
| ARG | http://pastebin.com/kfLViV1G | 17:55 |
| nowen | can you paste the logs too please? | 17:55 |
| ARG | http://pastebin.com/hKEBaZnj | 17:55 |
| ARG | There is no logs the second link is the only one that has logs | 17:56 |
| nowen | I want to see the page that has the pkcs error | 17:57 |
| nowen | when you get an OTP, you should see 'Issued passcode to device -3767091469847503280' in the logs | 17:59 |
| nowen | are the dates correct on this server? | 17:59 |
| ARG | let me check | 18:00 |
| ARG | Yes Fri Mar 29 12:00:32 MDT 2013 | 18:00 |
| nowen | what is the domain identifier of the server? | 18:01 |
| ARG | 010010011165 | 18:01 |
| ARG | How do I get the pkcs error | 18:02 |
| nowen | on the top right hand side of the WiKIDAdmin UI is a link that says 'logs' | 18:02 |
| ARG | Yes I'm there now | 18:03 |
| nowen | ok, set the log level to debug and hit filter | 18:04 |
| ARG | what source you want me to choose | 18:04 |
| nowen | None | 18:05 |
| ARG | ok done | 18:05 |
| nowen | do you see 'Issued passcode to device -....'? | 18:06 |
| ARG | is only showing one error and is highlighter on red nothing else | 18:07 |
| nowen | get an OTP on the token and then hit filter againb | 18:07 |
| ARG | ok | 18:07 |
| ARG | OK I got a new one | 18:10 |
| nowen | and do you see it in the logs? | 18:10 |
| ARG | yes | 18:10 |
| ARG | 013-03-29 11:11:59.090WARNcom.mchange.v2.c3p0.management.ActiveManagementCoordinatorA C3P0Registry mbean is already registered. This probably means that an application using c3p0 was undeployed, but not all PooledDataSources were closed prior to undeployment. This may lead to resource leaks over time. Please take care to close all PooledDataSources. | 18:11 |
| nowen | you can ignore that | 18:11 |
| ARG | ok | 18:11 |
| ARG | that is all I see and the old one | 18:11 |
| nowen | you do have a 'Issued passcode to device ' log entry? | 18:11 |
| nowen | so, you are getting a passcode back to your software token, but you are not seeing it in the logs? | 18:12 |
| ARG | I'm not sure | 18:12 |
| nowen | http://pastebin.com/nrgEMHn6 | 18:14 |
| ARG | Well I'm not sure how the logs work for wikid but on the logs tab all I see is what I told you I don't see any where else where I can click to see details of the erroe | 18:14 |
| nowen | that's what it should look like | 18:14 |
| nowen | then, I guess my question is: when you entered your PIN into the software token, did you get back a one-time passcode? | 18:15 |
| ARG | I don't see that anywhere | 18:15 |
| ARG | yes | 18:15 |
| ARG | I also tested here and it works https://10.10.11.165/WiKIDAdmin/example.jsp | 18:15 |
| nowen | so, everything is working, except the logs? | 18:16 |
| ARG | yes | 18:16 |
| ARG | well no radius is not working | 18:17 |
| nowen | on the logs page, what are the settings on each drop down? | 18:18 |
| ARG | if you click on the log tab I should be able to see what show me on the link or there is another botton inside the logs | 18:19 |
| ARG | ok wait is working now | 18:19 |
| ARG | I just change it back ot debug and none and show me the logs | 18:20 |
| nowen | yes, debug and none is what you want | 18:20 |
| ARG | I had it that way before but it was not working | 18:20 |
| ARG | but now is working | 18:21 |
| nowen | ok | 18:21 |
| nowen | now try to login to your radius client and let me know what you see in the logs | 18:21 |
| ARG | ok | 18:21 |
| ARG | http://pastebin.com/GD6A9LPQ | 18:25 |
| nowen | none of that is radius | 18:27 |
| ARG | yes I know | 18:28 |
| nowen | do you see the OTP request? | 18:28 |
| ARG | where should I see the otp request | 18:28 |
| nowen | in the logs: it will say: 'Issued passcode to device ' xxxxx' | 18:29 |
| ARG | let see the logs | 18:30 |
| ARG | yes 2013-03-29 11:12:00.135INFOcom.wikidsystems.server.DeviceTransactionExecIssued passcode to device -7503691510695519935 | 18:31 |
| nowen | what time is it there? seems a bit old | 18:32 |
| ARG | 12.32 pm | 18:32 |
| ARG | but that is the only one | 18:32 |
| ARG | let refresh the logs | 18:33 |
| nowen | did you get a new OTP when you tried to log in to the radius client? | 18:33 |
| ARG | no but maybe takes time to see the new logs | 18:33 |
| ARG | I just update the logs but nothing new | 18:34 |
| nowen | you need a new OTP to login with! they are only good for 60 secs | 18:34 |
| nowen | do this: Get an OTP on the token. Enter the OTP into whatever radius client you are using. Check the logs. Everything after the OTP will be radius info. | 18:35 |
| nowen | what radius client are you using? Openvpn? | 18:37 |
| ARG | Ok let me clear this when I got the wikid/ADRegister/ADRegister.jsp it asked me for my AD username and password then when I click authenticate it reject me | 18:37 |
| nowen | ADRegister does not use radius! | 18:37 |
| ARG | crap | 18:38 |
| nowen | it is for user registration! | 18:38 |
| ARG | what do I loging using radius | 18:38 |
| nowen | anything that supports radius! | 18:38 |
| nowen | openvpn, a radius test client, a vpn | 18:38 |
| nowen | apache | 18:39 |
| nowen | pam | 18:39 |
| nowen | aren't you setting up openvpn? | 18:39 |
| ARG | I have openvpn and is already configure with ldap | 18:39 |
| ARG | sorry man I very cofused here | 18:41 |
| ARG | my wireless over here uses radius | 18:41 |
| ARG | my vpn ldap | 18:41 |
| ARG | so when would I use a radius with wikid from what device | 18:43 |
| nowen | maybe something like this: http://www.iea-software.com/products/radlogin4.cfm | 18:46 |
| ARG | Ok I'm going to lunch thanks | 18:50 |
| ARG | one more question before I go I have the token intalled on my pc | 18:51 |
| ARG | If I log out would it allowed to log back in | 18:51 |
| nowen | WiKID has no knowledge of your session or any concept of session. | 18:52 |
| ARG | ok I need to see how wikid works Im lost right now if you have a video can you send to me | 18:53 |
| nowen | http://www.wikidsystems.com/learn-more/technology/overview | 18:53 |
| nowen | I'm going to move the website, so there might be a bit of downtime. | 20:23 |
| ARG | OK | 20:25 |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!