Hello,
I almost finish to setup my VPN with ActiveDirectory FreeRadius (MFA google authenticator), I have one issue ..
I generated QR code for my Ad User and I scan it, when OpenVPN asking my OTP i have this following error
pam_winbind(google-authenticator:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR (7), NTSTATUS: NT_STATUS_LOGON_FAILURE, Error message was: The attempted logon is invalid. This is either due to a bad username or authentication information.
So my password + otp isn't working
Inside/etc/pam.d/radiusd :
auth requisite /usr/lib/x86_64-linux-gnu/security/pam_google_authenticator.so forward_pass
auth required pam_unix.so use_first_pass
I am little bit lost... i double checked OTP code and its good, so why pam isn't connecting ?
Thanks