neos-sdi / adfsmfa Goto Github PK
View Code? Open in Web Editor NEWMFA for ADFS 2022/2019/2016/2012r2
License: MIT License
MFA for ADFS 2022/2019/2016/2012r2
License: MIT License
like the following figure, if I input [email protected], it will say "Email not correctly formatted" and not allow me to save.
You can reference the suitable email regular expression format in here: http://emailregex.com/
thanks.
I try to set SHA256, security mode set to RNG 1024bits, regenerate the user's key and use Google authenticator/Microsoft authenticator to generate OTP. But it cannot login and the exception is as below. So my question is can I use SHAxxx other than SHA1? Thanks.
Encountered error during federation passive request.
Additional Data
Protocol Name:
OAuthAuthorizationProtocol
Relying Party:
https://fs.adfsuat.local
Exception details:
Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationException: [email protected] : Invalid identification, please restart your session.
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryLocking(AuthenticationContext usercontext, IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryEndAuthentication(IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandlerBase.TryEndAuthentication(IAuthenticationContext authContext, IProofData proofData, HttpListenerRequest request, Claim[]& adapterClaims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.Authentication.AuthenticationOptionsHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
I tried to compile the source code in vs2017 but failed. Did I miss something? Thanks.
Environment:
VS2017
.net framework 4.6.2
Windows Server 2016 and ADFS
a self-signed cert (Neos.IdentityServer.pfx).
1>------ Build started: Project: Neos.IdentityServer.MultiFactor.Common, Configuration: Debug Any CPU ------
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(94,30,94,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(96,30,96,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(867,30,867,55): error CS0122: 'ADDSKeysRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(869,30,869,54): error CS0122: 'SQLKeysRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(108,30,108,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(110,30,110,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(122,30,122,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(124,30,124,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(136,30,136,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(138,30,138,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(150,30,150,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(152,30,152,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(164,30,164,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(166,30,166,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(178,30,178,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(180,30,180,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(192,30,192,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(194,30,194,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(206,30,206,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(208,30,208,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(1069,30,1069,55): error CS0122: 'ADDSKeysRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(1071,30,1071,54): error CS0122: 'SQLKeysRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(226,52,226,77): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(235,35,235,60): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(242,35,242,59): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(305,34,305,59): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(308,34,308,58): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(313,38,313,63): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(318,38,318,62): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(333,30,333,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(335,30,335,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(347,30,347,55): error CS0122: 'ADDSDataRepositoryService' is inaccessible due to its protection level
1>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Utilities.cs(349,30,349,54): error CS0122: 'SQLDataRepositoryService' is inaccessible due to its protection level
2>------ Build started: Project: Neos.IdentityServer.MultiFactor.Administration, Configuration: Debug Any CPU ------
3>------ Build started: Project: Neos.IdentityServer.MultiFactor, Configuration: Debug Any CPU ------
4>------ Build started: Project: Neos.IdentityServer.MultiFactor.SMS.Azure, Configuration: Debug Any CPU ------
5>------ Build started: Project: Neos.IdentityServer.MultiFactor.SMS.Sample, Configuration: Debug Any CPU ------
6>------ Build started: Project: Neos.IdentityServer.Multifactor.Keys.Sample, Configuration: Debug Any CPU ------
4>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
3>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
2>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
7>------ Build started: Project: Neos.IdentityServer.Console, Configuration: Debug Any CPU ------
8>------ Build started: Project: Neos.IdentityServer.MultiFactor.Cmdlets, Configuration: Debug Any CPU ------
5>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
6>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
8>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\Neos.IdentityServer.MultiFactor.Administration.dll' could not be found
8>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
7>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\Neos.IdentityServer.MultiFactor.Administration.dll' could not be found
7>CSC : error CS0006: Metadata file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll' could not be found
9>------ Build started: Project: Neos.IdentityServer.MultiFactor.WixSetup, Configuration: Debug x86 ------
9> C:\Program Files (x86)\WiX Toolset v3.11\bin\candle.exe -d"DevEnvDir=C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\" -d"SolutionDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\" -dSolutionExt=.sln -dSolutionFileName=Neos.IdentityServer.MultiFactor.sln -dSolutionName=Neos.IdentityServer.MultiFactor -d"SolutionPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.sln" -dConfiguration=Debug -dOutDir=bin\Debug\ -dPlatform=x86 -d"ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\" -dProjectExt=.wixproj -dProjectFileName=Neos.IdentityServer.MultiFactor.WixSetup.wixproj -dProjectName=Neos.IdentityServer.MultiFactor.WixSetup -d"ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Neos.IdentityServer.MultiFactor.WixSetup.wixproj" -d"TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\bin\Debug\" -dTargetExt=.msi -dTargetFileName=adfsmfa.msi -dTargetName=adfsmfa -d"TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\bin\Debug\adfsmfa.msi" -dNeos.IdentityServer.Console.NativeResources.Configuration=Debug -d"Neos.IdentityServer.Console.NativeResources.FullConfiguration=Debug|Win32" -dNeos.IdentityServer.Console.NativeResources.Platform=Win32 -d"Neos.IdentityServer.Console.NativeResources.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console.NativeResources\" -dNeos.IdentityServer.Console.NativeResources.ProjectExt=.vcxproj -dNeos.IdentityServer.Console.NativeResources.ProjectFileName=Win32Project1.vcxproj -dNeos.IdentityServer.Console.NativeResources.ProjectName=Win32Project1 -d"Neos.IdentityServer.Console.NativeResources.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console.NativeResources\Win32Project1.vcxproj" -d"Neos.IdentityServer.Console.NativeResources.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console.NativeResources\Debug\" -dNeos.IdentityServer.Console.NativeResources.TargetExt=.dll -dNeos.IdentityServer.Console.NativeResources.TargetFileName=Neos.IdentityServer.Console.NativeResources.dll -dNeos.IdentityServer.Console.NativeResources.TargetName=Neos.IdentityServer.Console.NativeResources -d"Neos.IdentityServer.Console.NativeResources.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console.NativeResources\Debug\Neos.IdentityServer.Console.NativeResources.dll" -dNeos.IdentityServer.MultiFactor.Administration.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.Administration.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Administration.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.Administration.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\" -dNeos.IdentityServer.MultiFactor.Administration.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.Administration.ProjectFileName=Neos.IdentityServer.MultiFactor.Administration.csproj -dNeos.IdentityServer.MultiFactor.Administration.ProjectName=Neos.IdentityServer.MultiFactor.Administration -d"Neos.IdentityServer.MultiFactor.Administration.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\Neos.IdentityServer.MultiFactor.Administration.csproj" -d"Neos.IdentityServer.MultiFactor.Administration.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\" -dNeos.IdentityServer.MultiFactor.Administration.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.Administration.TargetFileName=Neos.IdentityServer.MultiFactor.Administration.dll -dNeos.IdentityServer.MultiFactor.Administration.TargetName=Neos.IdentityServer.MultiFactor.Administration -d"Neos.IdentityServer.MultiFactor.Administration.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\Neos.IdentityServer.MultiFactor.Administration.dll" -dNeos.IdentityServer.MultiFactor.Common.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.Common.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Common.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.Common.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\" -dNeos.IdentityServer.MultiFactor.Common.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.Common.ProjectFileName=Neos.IdentityServer.MultiFactor.Common.csproj -dNeos.IdentityServer.MultiFactor.Common.ProjectName=Neos.IdentityServer.MultiFactor.Common -d"Neos.IdentityServer.MultiFactor.Common.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\Neos.IdentityServer.MultiFactor.Common.csproj" -d"Neos.IdentityServer.MultiFactor.Common.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\" -dNeos.IdentityServer.MultiFactor.Common.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.Common.TargetFileName=Neos.IdentityServer.MultiFactor.Common.dll -dNeos.IdentityServer.MultiFactor.Common.TargetName=Neos.IdentityServer.MultiFactor.Common -d"Neos.IdentityServer.MultiFactor.Common.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll" -dNeos.IdentityServer.Console.Configuration=Debug -d"Neos.IdentityServer.Console.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.Console.Platform=AnyCPU -d"Neos.IdentityServer.Console.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\" -dNeos.IdentityServer.Console.ProjectExt=.csproj -dNeos.IdentityServer.Console.ProjectFileName=Neos.IdentityServer.Console.csproj -dNeos.IdentityServer.Console.ProjectName=Neos.IdentityServer.Console -d"Neos.IdentityServer.Console.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\Neos.IdentityServer.Console.csproj" -d"Neos.IdentityServer.Console.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\bin\Debug\" -dNeos.IdentityServer.Console.TargetExt=.dll -dNeos.IdentityServer.Console.TargetFileName=Neos.IdentityServer.Console.dll -dNeos.IdentityServer.Console.TargetName=Neos.IdentityServer.Console -d"Neos.IdentityServer.Console.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\bin\Debug\Neos.IdentityServer.Console.dll" -dNeos.IdentityServer.MultiFactor.Cmdlets.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.Cmdlets.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Cmdlets.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.Cmdlets.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\" -dNeos.IdentityServer.MultiFactor.Cmdlets.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.Cmdlets.ProjectFileName=Neos.IdentityServer.MultiFactor.Cmdlets.csproj -dNeos.IdentityServer.MultiFactor.Cmdlets.ProjectName=Neos.IdentityServer.MultiFactor.Cmdlets -d"Neos.IdentityServer.MultiFactor.Cmdlets.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\Neos.IdentityServer.MultiFactor.Cmdlets.csproj" -d"Neos.IdentityServer.MultiFactor.Cmdlets.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\" -dNeos.IdentityServer.MultiFactor.Cmdlets.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.Cmdlets.TargetFileName=Neos.IdentityServer.MultiFactor.Cmdlets.dll -dNeos.IdentityServer.MultiFactor.Cmdlets.TargetName=Neos.IdentityServer.MultiFactor.Cmdlets -d"Neos.IdentityServer.MultiFactor.Cmdlets.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\Neos.IdentityServer.MultiFactor.Cmdlets.dll" -dNeos.IdentityServer.MultiFactor.DataTypes.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.DataTypes.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.DataTypes.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.DataTypes.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.DataTypes\" -dNeos.IdentityServer.MultiFactor.DataTypes.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.DataTypes.ProjectFileName=Neos.IdentityServer.MultiFactor.DataTypes.csproj -dNeos.IdentityServer.MultiFactor.DataTypes.ProjectName=Neos.IdentityServer.MultiFactor.DataTypes -d"Neos.IdentityServer.MultiFactor.DataTypes.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.DataTypes\Neos.IdentityServer.MultiFactor.DataTypes.csproj" -d"Neos.IdentityServer.MultiFactor.DataTypes.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.DataTypes\bin\Debug\" -dNeos.IdentityServer.MultiFactor.DataTypes.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.DataTypes.TargetFileName=Neos.IdentityServer.MultiFactor.DataTypes.dll -dNeos.IdentityServer.MultiFactor.DataTypes.TargetName=Neos.IdentityServer.MultiFactor.DataTypes -d"Neos.IdentityServer.MultiFactor.DataTypes.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.DataTypes\bin\Debug\Neos.IdentityServer.MultiFactor.DataTypes.dll" -dNeos.IdentityServer.Multifactor.Keys.Sample.Configuration=Debug -d"Neos.IdentityServer.Multifactor.Keys.Sample.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.Multifactor.Keys.Sample.Platform=AnyCPU -d"Neos.IdentityServer.Multifactor.Keys.Sample.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.Keys.Sample\" -dNeos.IdentityServer.Multifactor.Keys.Sample.ProjectExt=.csproj -dNeos.IdentityServer.Multifactor.Keys.Sample.ProjectFileName=Neos.IdentityServer.Multifactor.Keys.Sample.csproj -dNeos.IdentityServer.Multifactor.Keys.Sample.ProjectName=Neos.IdentityServer.Multifactor.Keys.Sample -d"Neos.IdentityServer.Multifactor.Keys.Sample.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.Keys.Sample\Neos.IdentityServer.Multifactor.Keys.Sample.csproj" -d"Neos.IdentityServer.Multifactor.Keys.Sample.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.Keys.Sample\bin\Debug\" -dNeos.IdentityServer.Multifactor.Keys.Sample.TargetExt=.dll -dNeos.IdentityServer.Multifactor.Keys.Sample.TargetFileName=Neos.IdentityServer.Multifactor.Keys.Sample.dll -dNeos.IdentityServer.Multifactor.Keys.Sample.TargetName=Neos.IdentityServer.Multifactor.Keys.Sample -d"Neos.IdentityServer.Multifactor.Keys.Sample.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.Keys.Sample\bin\Debug\Neos.IdentityServer.Multifactor.Keys.Sample.dll" -dNeos.IdentityServer.MultiFactor.NotificationHub.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.NotificationHub.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.NotificationHub.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.NotificationHub.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.NotificationHub\" -dNeos.IdentityServer.MultiFactor.NotificationHub.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.NotificationHub.ProjectFileName=Neos.IdentityServer.MultiFactor.NotificationHub.csproj -dNeos.IdentityServer.MultiFactor.NotificationHub.ProjectName=Neos.IdentityServer.MultiFactor.NotificationHub -d"Neos.IdentityServer.MultiFactor.NotificationHub.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.NotificationHub\Neos.IdentityServer.MultiFactor.NotificationHub.csproj" -d"Neos.IdentityServer.MultiFactor.NotificationHub.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.NotificationHub\bin\Debug\" -dNeos.IdentityServer.MultiFactor.NotificationHub.TargetExt=.exe -dNeos.IdentityServer.MultiFactor.NotificationHub.TargetFileName=Neos.IdentityServer.MultiFactor.NotificationHub.exe -dNeos.IdentityServer.MultiFactor.NotificationHub.TargetName=Neos.IdentityServer.MultiFactor.NotificationHub -d"Neos.IdentityServer.MultiFactor.NotificationHub.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.NotificationHub\bin\Debug\Neos.IdentityServer.MultiFactor.NotificationHub.exe" -dNeos.IdentityServer.MultiFactor.Notifications.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.Notifications.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Notifications.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.Notifications.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Notifications\" -dNeos.IdentityServer.MultiFactor.Notifications.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.Notifications.ProjectFileName=Neos.IdentityServer.MultiFactor.Notifications.csproj -dNeos.IdentityServer.MultiFactor.Notifications.ProjectName=Neos.IdentityServer.MultiFactor.Notifications -d"Neos.IdentityServer.MultiFactor.Notifications.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Notifications\Neos.IdentityServer.MultiFactor.Notifications.csproj" -d"Neos.IdentityServer.MultiFactor.Notifications.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Notifications\bin\Debug\" -dNeos.IdentityServer.MultiFactor.Notifications.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.Notifications.TargetFileName=Neos.IdentityServer.MultiFactor.Notifications.dll -dNeos.IdentityServer.MultiFactor.Notifications.TargetName=Neos.IdentityServer.MultiFactor.Notifications -d"Neos.IdentityServer.MultiFactor.Notifications.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Notifications\bin\Debug\Neos.IdentityServer.MultiFactor.Notifications.dll" -dNeos.IdentityServer.MultiFactor.SMS.Azure.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.SMS.Azure.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.SMS.Azure.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.SMS.Azure.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\" -dNeos.IdentityServer.MultiFactor.SMS.Azure.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.SMS.Azure.ProjectFileName=Neos.IdentityServer.MultiFactor.SMS.Azure.csproj -dNeos.IdentityServer.MultiFactor.SMS.Azure.ProjectName=Neos.IdentityServer.MultiFactor.SMS.Azure -d"Neos.IdentityServer.MultiFactor.SMS.Azure.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\Neos.IdentityServer.MultiFactor.SMS.Azure.csproj" -d"Neos.IdentityServer.MultiFactor.SMS.Azure.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\" -dNeos.IdentityServer.MultiFactor.SMS.Azure.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.SMS.Azure.TargetFileName=Neos.IdentityServer.MultiFactor.SMS.Azure.dll -dNeos.IdentityServer.MultiFactor.SMS.Azure.TargetName=Neos.IdentityServer.MultiFactor.SMS.Azure -d"Neos.IdentityServer.MultiFactor.SMS.Azure.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\Neos.IdentityServer.MultiFactor.SMS.Azure.dll" -dNeos.IdentityServer.MultiFactor.SMS.Sample.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.SMS.Sample.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.SMS.Sample.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.SMS.Sample.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.SMS.Sample\" -dNeos.IdentityServer.MultiFactor.SMS.Sample.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.SMS.Sample.ProjectFileName=Neos.IdentityServer.MultiFactor.SMS.Sample.csproj -dNeos.IdentityServer.MultiFactor.SMS.Sample.ProjectName=Neos.IdentityServer.MultiFactor.SMS.Sample -d"Neos.IdentityServer.MultiFactor.SMS.Sample.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.SMS.Sample\Neos.IdentityServer.MultiFactor.SMS.Sample.csproj" -d"Neos.IdentityServer.MultiFactor.SMS.Sample.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.SMS.Sample\bin\Debug\" -dNeos.IdentityServer.MultiFactor.SMS.Sample.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.SMS.Sample.TargetFileName=Neos.IdentityServer.Multifactor.SMS.Sample.dll -dNeos.IdentityServer.MultiFactor.SMS.Sample.TargetName=Neos.IdentityServer.Multifactor.SMS.Sample -d"Neos.IdentityServer.MultiFactor.SMS.Sample.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.SMS.Sample\bin\Debug\Neos.IdentityServer.Multifactor.SMS.Sample.dll" -dNeos.IdentityServer.MultiFactor.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\" -dNeos.IdentityServer.MultiFactor.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.ProjectFileName=Neos.IdentityServer.MultiFactor.csproj -dNeos.IdentityServer.MultiFactor.ProjectName=Neos.IdentityServer.MultiFactor -d"Neos.IdentityServer.MultiFactor.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\Neos.IdentityServer.MultiFactor.csproj" -d"Neos.IdentityServer.MultiFactor.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\bin\Debug\" -dNeos.IdentityServer.MultiFactor.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.TargetFileName=Neos.IdentityServer.MultiFactor.dll -dNeos.IdentityServer.MultiFactor.TargetName=Neos.IdentityServer.MultiFactor -d"Neos.IdentityServer.MultiFactor.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\bin\Debug\Neos.IdentityServer.MultiFactor.dll" -dNeos.IdentityServer.MultiFactor.Data.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.Data.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.Data.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.Data.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MutltiFactor.Data\" -dNeos.IdentityServer.MultiFactor.Data.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.Data.ProjectFileName=Neos.IdentityServer.MultiFactor.Data.csproj -dNeos.IdentityServer.MultiFactor.Data.ProjectName=Neos.IdentityServer.MultiFactor.Data -d"Neos.IdentityServer.MultiFactor.Data.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MutltiFactor.Data\Neos.IdentityServer.MultiFactor.Data.csproj" -d"Neos.IdentityServer.MultiFactor.Data.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MutltiFactor.Data\bin\Debug\" -dNeos.IdentityServer.MultiFactor.Data.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.Data.TargetFileName=Neos.IdentityServer.MultiFactor.Data.dll -dNeos.IdentityServer.MultiFactor.Data.TargetName=Neos.IdentityServer.MultiFactor.Data -d"Neos.IdentityServer.MultiFactor.Data.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MutltiFactor.Data\bin\Debug\Neos.IdentityServer.MultiFactor.Data.dll" -dNeos.IdentityServer.MultiFactor.QRCodeNet.Configuration=Debug -d"Neos.IdentityServer.MultiFactor.QRCodeNet.FullConfiguration=Debug|AnyCPU" -dNeos.IdentityServer.MultiFactor.QRCodeNet.Platform=AnyCPU -d"Neos.IdentityServer.MultiFactor.QRCodeNet.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.QrCodeNet\" -dNeos.IdentityServer.MultiFactor.QRCodeNet.ProjectExt=.csproj -dNeos.IdentityServer.MultiFactor.QRCodeNet.ProjectFileName=Neos.IdentityServer.MultiFactor.QRCodeNet.csproj -dNeos.IdentityServer.MultiFactor.QRCodeNet.ProjectName=Neos.IdentityServer.MultiFactor.QRCodeNet -d"Neos.IdentityServer.MultiFactor.QRCodeNet.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.QrCodeNet\Neos.IdentityServer.MultiFactor.QRCodeNet.csproj" -d"Neos.IdentityServer.MultiFactor.QRCodeNet.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.QrCodeNet\bin\Debug\" -dNeos.IdentityServer.MultiFactor.QRCodeNet.TargetExt=.dll -dNeos.IdentityServer.MultiFactor.QRCodeNet.TargetFileName=Neos.IdentityServer.Multifactor.QrCodeNet.dll -dNeos.IdentityServer.MultiFactor.QRCodeNet.TargetName=Neos.IdentityServer.Multifactor.QrCodeNet -d"Neos.IdentityServer.MultiFactor.QRCodeNet.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.QrCodeNet\bin\Debug\Neos.IdentityServer.Multifactor.QrCodeNet.dll" -dNeos.IdentityServer.Deployment.Configuration=Debug -d"Neos.IdentityServer.Deployment.FullConfiguration=Debug|x86" -dNeos.IdentityServer.Deployment.Platform=x86 -d"Neos.IdentityServer.Deployment.ProjectDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Deployment\" -dNeos.IdentityServer.Deployment.ProjectExt=.csproj -dNeos.IdentityServer.Deployment.ProjectFileName=Neos.IdentityServer.Deployment.csproj -dNeos.IdentityServer.Deployment.ProjectName=Neos.IdentityServer.Deployment -d"Neos.IdentityServer.Deployment.ProjectPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Deployment\Neos.IdentityServer.Deployment.csproj" -d"Neos.IdentityServer.Deployment.TargetDir=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Deployment\bin\Debug\" -dNeos.IdentityServer.Deployment.TargetExt=.dll -dNeos.IdentityServer.Deployment.TargetFileName=Neos.IdentityServer.Deployment.dll -dNeos.IdentityServer.Deployment.TargetName=Neos.IdentityServer.Deployment -d"Neos.IdentityServer.Deployment.TargetPath=C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Deployment\bin\Debug\Neos.IdentityServer.Deployment.dll" -out obj\Debug\ -arch x86 Product.wxs
9> C:\Program Files (x86)\WiX Toolset v3.11\bin\Light.exe -out "C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\bin\Debug\adfsmfa.msi" -pdbout "C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\bin\Debug\adfsmfa.wixpdb" -cultures:null -notidy -spdb -contentsfile obj\Debug\Neos.IdentityServer.MultiFactor.WixSetup.wixproj.BindContentsFileListnull.txt -outputsfile obj\Debug\Neos.IdentityServer.MultiFactor.WixSetup.wixproj.BindOutputsFileListnull.txt -builtoutputsfile obj\Debug\Neos.IdentityServer.MultiFactor.WixSetup.wixproj.BindBuiltOutputsFileListnull.txt -wixprojectfile "C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Neos.IdentityServer.MultiFactor.WixSetup.wixproj" obj\Debug\Product.wixobj
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(119,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\bin\Debug\Neos.IdentityServer.MultiFactor.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(122,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\bin\Debug\es\Neos.IdentityServer.MultiFactor.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(125,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor\bin\Debug\fr\Neos.IdentityServer.MultiFactor.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(134,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\Neos.IdentityServer.MultiFactor.Common.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(137,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\es\Neos.IdentityServer.MultiFactor.Common.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(140,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common\bin\Debug\fr\Neos.IdentityServer.MultiFactor.Common.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(162,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\Neos.IdentityServer.MultiFactor.Administration.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(165,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\es\Neos.IdentityServer.MultiFactor.Administration.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(168,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Common.Admin\bin\Debug\fr\Neos.IdentityServer.MultiFactor.Administration.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(221,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\bin\Debug\Neos.IdentityServer.Console.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(226,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\bin\Debug\fr\Neos.IdentityServer.Console.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(229,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Console\bin\Debug\es\Neos.IdentityServer.Console.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(206,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\Neos.IdentityServer.MultiFactor.Cmdlets.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(207,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\Neos.IdentityServer.MultiFactor.Cmdlets.dll-Help.xml'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(210,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\es\Neos.IdentityServer.MultiFactor.Cmdlets.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(213,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.Cmdlets\bin\Debug\fr\Neos.IdentityServer.MultiFactor.Cmdlets.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(176,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.SMS.Sample\bin\Debug\Neos.IdentityServer.Multifactor.SMS.Sample.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(180,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\Neos.IdentityServer.MultiFactor.SMS.Azure.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(183,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\es\Neos.IdentityServer.MultiFactor.SMS.Azure.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(186,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\fr\Neos.IdentityServer.MultiFactor.SMS.Azure.resources.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(190,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.SMS.Azure\bin\Debug\libphonenumber_csharp_portable.dll'.
9>C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.MultiFactor.WixSetup\Product.wxs(237,0): error LGHT0103: The system cannot find the file 'C:\temp\adfsmfa-git\Neos.IdentityServer 2.0\Neos.IdentityServer.Multifactor.Keys.Sample\bin\Debug\Neos.IdentityServer.Multifactor.Keys.Sample.dll'.
9>Done building project "Neos.IdentityServer.MultiFactor.WixSetup.wixproj" -- FAILED.
9>
9>Build FAILED.
========== Build: 0 succeeded, 9 failed, 7 up-to-date, 0 skipped ==========
Currently, if
a) Users are required to have MFA configured
b) On the first registration user mistypes his phone number and does not enter e-mail as an alternative contact
as a result the user will be locked out of the system, and can only log in if site administrator resets his MFA data to allow re-registration.
It would be great if some future version of ADFS MFA would perform validation of user input by actually sending SMS to user-entered number and confirming that the user actually received it before completing the registration and requiring SMS on the next log in.
Same can be true for e-mail based access - if user enters e-mail which he can not access, he will be locked out.
Hi!
QR codes generated by requests doesn't recognize on IOs on Iphones (7,8,10,10S max etc).
Apps say that barcodes is Invalid (Google, Microsoft and so on)
It's ok on Android.
adfsmfa 2.2.0.41
Windows Server 2012R2
When a user provides an incorrect token, currently the user is required to close their browser session and go to the whole process again, which is not user friendly.
Would it be possible to allow the user to retry providing the code by either letting them go back (with a button) or even show the token field again with a message that the code was incorrect?
If the concern is that it allows someone to brute force the token, you could limit it the amount of tries after which they do have to go through process again.
Thanks, Kevin
Hello,
I have a new problem (promise its the last)
When I configure the SQL connexion to use many directory I have this error
With the Principal AD or a LDAP account :
Encountered error during federation passive request.
Additional Data
Protocol Name:
wsfed
Relying Party:
Exception details:
Microsoft.IdentityServer.Web.CookieManagers.InvalidContextException: MSIS7001: The passive protocol context was not found or not valid. If the context was stored in cookies, the cookies that were presented by the client were not valid. Ensure that the client browser is configured to accept cookies from this website and retry this request.
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest.ParseEncodedRequestParts(String[] encodedRequestParts)
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest..ctor(String encodedGenericRequest)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.GetOriginalRequestFromResponse(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
Hi,
Thank you for 2.2.0.20, we like the new wizard option and the wizard works well.
But we don't get TOTP code to work in version 2.2.0.20. We can enroll the TOTP App, and also on the Code Verification page the code is confirmed successfully. But the TOTP code is not working when we try a regular login after that, it just says "An error occurred".
Event Log logs:
Exception details:
Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationException: [email protected] : Object reference not set to an instance of an object.
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryIdentification(AuthenticationContext usercontext, IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryEndAuthentication(IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandlerBase.TryEndAuthentication(IAuthenticationContext authContext, IProofData proofData, HttpListenerRequest request, Claim[]& adapterClaims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.Authentication.AuthenticationOptionsHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
We tried to unregister and reregister MFA adapter, both with RSA and RNG. Also tried to unregister, uninstall completely and install and register again, but same issue.
Any ideas?
Thanks,
Andreas
It seems the newest release msi cannot be installed, it will be rolled back during the installation.
Attached the install log file and installed Windows roles and feature list.
I can install 2.0 version https://github.com/neos-sdi/adfsmfa/releases/download/2.0.1.112/adfsmfa.msi.zip successfully.
Hello,
When you open the MFA MMC, the root element is called 'Racine de la console'. Would it be possible to get that translated? When you import it as a snapp-in, it's called 'Console Root'.
Thanks, Kevin.
Hello
Thank you for your great tool!
I am storing the information in ActiveDirectory, activated Registration Wizard and activated TOTP with Enrollment Wizard and tried to setup selfregistration.
Every time the user klicks on "Register a new Key" an error occures.
I already tried different configurations without success, always the same error.
Thanks for new versions, I will test after my vacation.
One more thing came to my mind. Would it be possible to have options on which TOTP Apps that are displayed in the TOTP enrollment wizard? (Maybe you want to direct your users to only use the Microsoft App for example.)
Andreas
Hello
I don't have problème with 2012 r2, I check in internal et external the MFA and its ok in the ADFS console
With 2016 is différent, In authentification Method I have checked the Multifactor Authentification Extension But when I try to log the MFA is not required
I dont understand in 2016 how do it
On the TOTP enrollment page, where the QR code is shown, there is also the gray field that says "(truncated for security reasons)". What is that used for? Is the field needed?
We tested v2.2.0.25, which fixed #29 nicely. We noticed however that when a user is on a secondary ADFS server, and they fill in an incorrect code, they are still get the message:
Invalid identification, please restart your session
Without an option to enter another code.
The ADFS servers are behind a load balancer, so the user can either reach the primary ADFS server or a secondary ADFS server.
A possible cause might be that ADFSMFA tries to update the amount of failed attempts, but that fails because a secondary ADFS server is read-only.
We also tested against v2.2.0.34, but that doesn't fix the issue either.
OS: Windows Server 2016 ver. 1607, previously installed v. 2.0 of ADFS MFA.
Steps to reproduce:
As a result, the following message appears trying to load the MMC snap-in:
Full text below:
Could not load file or assembly 'Neos.IdentityServer.Console, Version=2.0.0.0, Culture=neutral, PublicKeyToken=175aa5ee756d2aa2' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
System.IO.FileLoadException
at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Activator.CreateInstance(String assemblyString, String typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, Evidence securityInfo, StackCrawlMark& stackMark)
at System.Activator.CreateInstance(String assemblyName, String typeName)
at System.AppDomain.CreateInstance(String assemblyName, String typeName)
at System.AppDomain.CreateInstanceAndUnwrap(String assemblyName, String typeName)
at Microsoft.ManagementConsole.Internal.SnapInClient.CreateSnapIn(String assemblyName, String typeName)
at Microsoft.ManagementConsole.Internal.ClassLibraryServices.Microsoft.ManagementConsole.Internal.IClassLibraryServices.CreateSnapIn(String assemblyName, String typeName)
at Microsoft.ManagementConsole.Executive.SnapInInitializationOperation.OnStart()
at Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Operation operation)
at Microsoft.ManagementConsole.Advanced.FrameworkSnapInFactory.Microsoft.ManagementConsole.Advanced.ISnapInFactory.CreateSnapIn(Int32 bookkeepingId, String snapInKey, Object& snapIn)
Hi All,
We will be on vacation until August 29
Regards
Regarding the new feature "Localizing MFA Web parts", where you can edit the resources.
Is it also possible to use this is you want to change some text in the English resource file?
I tested in our lab, followed the procedure and tried to change the text in the TOTP enrollment in SHtml.resx and changed the text for HtmlLabelWREGOTP and HtmlUIMRecordNewKey.
I got a Neos.IdentityServer.MultiFactor.Resources.SHtml.resources file that a copied to the ADFS server and restarted, but it didn't get the customized text.
Should this work?
Kind regards,
Andreas
Hi,
We've started to test this ADFS MFA solution in our ADFS environment.
We downloaded the latest .msi, adfsmfa 2.0.2.966.msi, installed it and run:
Register-MFASystem -Activate -RestartFarm -Verbose
The MFA module seems to get registered and enabled (we can see it is added in ADFS under MFA Methods). But when the registration process is restarting the farm, we get the error:
"Register-MFASystem : The specified network name is no longer available"
Also when we try to start the MFA mmc from the desktop icon, we get "The specified network name is no longer available".
Kind Regards,
Andreas
Hi,
We are testing using the latest 2.0.2.967 version.
Server is a Windows 2012R2 edition, the plugin itself is working when configured through Powershell.
We have an issue with the MMC console which gives an error "MMC could not create the snap-in".
Are we missing any prerequisites?
Regards,
AJ
Hi,
Thank you for the feature "Disallow manage my options". We like that!
One more small thing on that. Would it be possible to also remove the option "Remember my selection" (on the "How do you want to receive you code?" page) when you select "Disallow manage my options" (or an additional check box)? Users could by mistake click that one, and will then be prompted for a code from email instead of TOTP.
Thank you for your nice work!
Andreas
Hi,
I think the closed Pull Request #36 made by @Ikke should be merged and included in the release.
Tested the changes, and when running the Microsoft Centered UI experience, these changes fix issues in the TOTP enrollment pages.
Besides that 2.2.0.39 worked nicely!
Kind Regards,
Andreas
In the Help of the powershell command Register-MFASystem and in the Wiki the parameter is named -KeyFormat. But by using the command I found tha it is named -KeysFormat. (additional "s")
Hello
We have many users without an company mobile phone, so i want to test also hardware token generators like Feitian C200
Do you have experience with them instead of using token apps on mobile phones?
in Feitian store there are different models 30/60sec and 6/8 digits, which one should i try?
Thank you. Günther
Can you improve the feature to change default language and titles without project build in VS? It's may be separate XML files and etc? I want to translate to cyrilic.
Other things work great for now.
Hi,
We are testing and are using the latest 2.0.2.966.
We tried to the reset/generate new keys for users.
It works well when we do it from the MMC GUI, User Management - User - Key Tab - New Key. But it does not seem to work from PowerShell, or we do something wrong. We tried this:
set-MFAUsers -Identity [email protected] -ResetKey
Should that be the same as running New Key from the GUI? We get no error, but nothing happens to the key, and the current key is still valid. We've tried it with both RNG and RSA.
A question on this topic too. If we run RSA, is there any other way for us to generate (with code) the encrypted string and put it directly into the attribute in Active Directory (without using the MFA PS cmdlets)?
Kind Regards,
Andreas
Hello
I did a clean install of version 2.3.0.1000.
Like with the previos 2.2 version i activated RSA mode and the config saved in ActiveDirectory.
When creating a new user in the MMC i get the following error message.
Creating a user in powershell does not show a error, but the secret key in the attributes is also missing.
When using RNG mode everything is working without problems.
In TOTP config i can see a certificate thumbprint, so the certificate was created, but maybe not correctly?
Günther
Anwendung: mmc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
bei Neos.IdentityServer.MultiFactor.RSAKeyManager.EncodedKey(String upn)
bei Neos.IdentityServer.MultiFactor.KeysManager.EncodedKey(String upn)
bei Neos.IdentityServer.MultiFactor.RuntimeRepository.GetEncodedUserKey(MFAConfig config, String upn)
bei Neos.IdentityServer.MultiFactor.Administration.ManagementService.GetEncodedUserKey(String upn)
bei Neos.IdentityServer.Console.MMCService.GetEncodedUserKey(String upn)
bei Neos.IdentityServer.Console.UserPropertyPage.CanApplyDataChanges(Registration registration)
bei Neos.IdentityServer.Console.UserPropertyPage.OnApply()
bei Neos.IdentityServer.Console.UserPropertyPage.OnOK()
bei Microsoft.ManagementConsole.PropertySheet.ProcessRequestMessage(PropertyPageMessageRequestInfo requestInfo)
bei Microsoft.ManagementConsole.PropertySheetManager.ProcessRequestMessage(PropertyPageMessageRequestInfo requestInfo, IRequestStatus requestStatus)
bei Microsoft.ManagementConsole.SnapInBase.ProcessRequest(Request request)
bei Microsoft.ManagementConsole.NamespaceSnapInBase.ProcessRequest(Request request)
bei Microsoft.ManagementConsole.SnapIn.ProcessRequest(Request request)
bei Microsoft.ManagementConsole.Internal.SnapInClient.Microsoft.ManagementConsole.Internal.IMessageClient.ProcessRequest(Request request)
bei Microsoft.ManagementConsole.Internal.IMessageClient.ProcessRequest(Request request)
bei Microsoft.ManagementConsole.Executive.RequestStatus.BeginRequest(IMessageClient messageClient, RequestInfo requestInfo)
bei Microsoft.ManagementConsole.Executive.SnapInRequestOperation.ProcessRequest()
bei Microsoft.ManagementConsole.Executive.Operation.OnThreadTransfer(SimpleOperationCallback callback)
Ausnahmeinformationen: System.Reflection.TargetInvocationException
bei Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(Exception e)
bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
bei System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
bei System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
bei System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
bei System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
bei System.Windows.Forms.Application.Run()
bei Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
bei Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
bei Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
We are testing the implementation of ADFSMFA tool in our ADFS 4.0 2016 installation. The installation was easy and also configuration works just fine. After enabling the Access Policy for ADFS to also require MFA we get correctly redirected to the next step after authentication with AD credentials work. However when we should receive a box to fill in our TOTP code we get a message saying "An error occurred. Contact your administrator for more information." I enabled Authenticator and Email options and tried with the setting of being able to choose between these two. Again I get nicely prompted which one I want but as soon as I choose send code (should send me to the page where I can fill in the code) I get the error.
So both with forcing to use TOTP authenticator app or Email or letting user choose, results is the same error. What are we missing in our conifuguration?
The event viewer shows the following information which doesn't help me. I'm hoping this information is more clear to you guys and that we can get this tool to work as it looks really nice.
Encountered error during federation passive request.
Additional Data
Protocol Name:
wsfed
Relying Party:
http://azureservices/TenantSite
Exception details:
Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationException: <TRUNCATED-FOR-PRIVACY-SHOWED-EMAIL_ADDRESS> : The type initializer for 'Neos.IdentityServer.MultiFactor.Data.DataLog' threw an exception.
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryChooseMethod(AuthenticationContext usercontext, IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.TryEndAuthentication(IAuthenticationContext context, IProofData proofData, HttpListenerRequest request, Claim[]& claims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandlerBase.TryEndAuthentication(IAuthenticationContext authContext, IProofData proofData, HttpListenerRequest request, Claim[]& adapterClaims)
at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.Authentication.AuthenticationOptionsHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
[edit 1]
I have verified that the settings in ADDS are stored on the user in the correct places on the attribute tab. We are using ADFSMFA version 2.0.2.968.
[/edit 1]
Hi Redhook,
Is this solution working with ADFS 2019?
Thank you in advance!
Just did a fresh install from the .MSI. No matter which KeyFormat I use, MFA fails and I get NULLReferenceExceptions in the ADFS Debug Log. With RNG selected, I get the following:
System.NullReferenceException: Object reference not set to an instance of an object. at Neos.IdentityServer.MultiFactor.AdapterPresentation.StripDisplayKey(String dkey) at Neos.IdentityServer.MultiFactor.AdapterPresentation.GetFormHtmlRegistration(AuthenticationContext usercontext) at Neos.IdentityServer.MultiFactor.AdapterPresentation.GetFormHtml(Int32 lcid) at Microsoft.IdentityServer.Web.Authentication.External.AdapterPresentationWrapper.GetFormHtml(Int32 lcid) at Microsoft.IdentityServer.Web.UI.CustomAuthenticationPage.get_PageTemplate() at Microsoft.IdentityServer.Web.UI.PageBase.Render() at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandler.Process(ProtocolContext context) at Microsoft.IdentityServer.Web.Authentication.AuthenticationOptionsHandler.Process(ProtocolContext context) at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
If I change the config to RSA, I get the following:
ExternalAuthenticationHandler.Process() exception: System.NullReferenceException: Object reference not set to an instance of an object. at Neos.IdentityServer.MultiFactor.RSAKeyManager.EncodedKey(String upn) at Neos.IdentityServer.MultiFactor.KeysManager.EncodedKey(String upn) at Neos.IdentityServer.MultiFactor.AdapterPresentation.GetFormHtmlRegistration(AuthenticationContext usercontext) at Neos.IdentityServer.MultiFactor.AdapterPresentation.GetFormHtml(Int32 lcid) at Microsoft.IdentityServer.Web.Authentication.External.AdapterPresentationWrapper.GetFormHtml(Int32 lcid) at Microsoft.IdentityServer.Web.UI.CustomAuthenticationPage.get_PageTemplate() at Microsoft.IdentityServer.Web.UI.PageBase.Render() at Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationHandler.Process(ProtocolContext context) Identifier: MultifactorAuthenticationProvider, ContextId: fddae7d8-cda8-4aed-acff-f8cae7cd01bc | ExternalAuthenticationHandler.Process() exception
This is installed on Windows Server 2016 with the latest ADFS, using ADDS and not SQL.
Any insight would be appreciated.
Hi,
Is it possible to add a filter list to block some domain (email suffixes) in the email enrollment process ? The reason to do so is that our Exchange server uses ADFS for authentication, so I want to make sure users are using their personal/external email address instead of my domain's email addresses to receive token, otherwise it may cause a dead loop.
Thanks a lot.
Hi,
We upgraded from 2.2.0.41 to 2.2.0.1000 in our lab environment, but ran into an issue.
(We've upgraded to newer versions several times before, and followed the same procedure, but it didn't work this time. )
Logging in with an already enrolled user does not work.
Enroll a new user does not work. Add-MFAUsers gives the error
Error adding user "User" \r User "User" not found !
Get-MFAUsers does not work, but gives the error
The user name or password is incorrect.
All these events gives in the event log the error (Application Event Log):
Source: ADFS MFA DataService
Event ID: 5000
Message: The user name or password is incorrect.
We have the following settings:
Active Directory mode
RSA 1024
ADFS service account is member of Domain Admins
The account we install with and are running PS commands with is member of Domain Admins
We upgraded in the following way:
We've done the following troubleshooting:
$keys = Get-MFAConfigKeys
$keys.CertificateThumbprint = "<Thumbprint>"
Set-MFAConfigKeys $keys
Do you know what the problem could be?
Kind Regards,
Andreas
Hello
We have 2 ADFS server in our cluster. MFA is configured for RSA mode.
On the main server everything works fine, on the backup server i am not able to login with MFA
I always get the message "Invalid identification, please restart your session"
In Eventviewer i get the following error message:
Error on authentication process !
Invalid decryption certificate !
Is it necessary to copy the certificate from one ADFS server to the other one?
If yes, what should i do?
When executing Register-MFASystem i can see that MFA was inizialized on both machines correctly.
Hi, i am trying to get this working in my lab environment but am getting an error when attempting to log on to a web site through the ADFS
the event log says the following
Error on authentication process !
The type initializer for 'Neos.IdentityServer.MultiFactor.Data.DataLog' threw an exception.
ADFS Web page gives the following error
For security reasons, we require additional information to verify your account ([email protected])
An error occurred
An error occurred. Contact your administrator for more information.
ADFS is runing on Server 2016 (all updates applied)
the config for the MFA is:
RefreshScan : 3000
DeliveryWindow : 300
TOTPShadows : 2
MailEnabled : False
SMSEnabled : False
AppsEnabled : True
Algorithm : SHA1
Issuer : xxxxx Corp
UseActiveDirectory : True
CustomUpdatePassword : True
DefaultCountryCode : gb
AdminContact : [email protected]
UserFeatures : AllowUnRegistered, AllowDisabled, AllowChangePassword, AllowManageOptions
AdvertisingDays : Neos.IdentityServer.MultiFactor.ConfigAdvertising
i have a user registered in the system
ID : 4befb94e-4da6-4772-8826-9900cf4aaa
UPN : [email protected]
MailAddress : [email protected]
PhoneNumber : 1234
Enabled : True
CreationDate : 13/07/2018 12:00:40
PreferredMethod : Code
Are you able to give me some pointers on where to look to find out whats wrong
thanks in advance
Andy
MFA setup:
When new user registers for MFA, the following happens:
If you check SQL data at this point, it can be seen that "OVERRIDE" column is set to NULL value, which is (probably) not expected by other parts of the app:
It may be related to the following code:
Hi,
We're running the MFA adapter in ADDS mode, in two different domains.
We've given the ADFS service account R/W permissions to the msDS-cloudExtensionAttribute10-18 in both domains.
In one domain everything works fine. In the other domain the users can enroll with the TOTP wizard fine (I checked so that a new TOTP string is written to the Secret Key attribute., so the service account has permission to the attributes.)
But when the users go to Configuration Update, change Default Access Method (drop-down) and then click save the users get an error. The event log also gives an error that indicates a permission problem:
Microsoft.IdentityServer.Web.Authentication.External.ExternalAuthenticationException: [email protected] : Access is denied.
Exactly what AD permissions are needed in AD for the ADFS service account?
Thanks,
Andreas
Hi,
There are a few different ways to configure the MFA adapter, which is really nice! Different configurations gives different user experiences. We recognized that sometimes the text on the some pages, during TOTP enrollment for example, does not makes sense because of my configuration.
Would it be possible to enable customization of theses texts? In that way you could tailor it to your needs.
Kind Regards,
Andreas
Hi,
Have tested the new version with RSA and ADDS mode, and it works fine when we re-register the MFA adapter (Register-MFASystem –Activate –RestartFarm –KeysFormat RSA -RSACertificateDuration 10, which generates a new certificate), and then enable new users for MFA.
Tested also to upgrade a current installation with RSA and ADDS, but that seems to break it:
Maybe this is expected in this beta version?
Or is there a way to get the current certificate working with the new version, instead of generating a new certificate by re-register the MFA adapter?
Thanks,
Andreas
Hello!
First of all I think this is a great adapter and most of it is really nice. We needed a new and improved on-prem mfa for our federation service and this seems to do the job for us
I have an issue before launching this in the company and that is with some of the texts. I have read issue #39 but maybe I am just missing something. If this has already been answered I apologize.
The main problem is with the error_strings.resx for ErrorAccountAuthorized
"Access allowed ! but your account is not enabled ! it is recommanded that you provide now all required informations or contact your administartors, they will notify you about the activation process"
The text is confusing for the small group that we have tried this on so far. We would like to change it. Is there anyway to change this text without recompiling the whole project? From what I have read so far it seems not.
What we would like for it to say would be something like
"Access to this application requires additional authentication. To initate additional authentication setup press '"Change my options"
Or something similar
Thanks in advance!
I cant autentification by mail (other methods i' cant tested). I have two 2016 ADFS and two 2016 Application proxy with HAProxy.
ADFS servers in failover mode, but now only one in use (by DNS record).
What I've done:
Setup adfsmfa.2.2.0.25.msi on both ADFS servers.
Run:
Register-MFASystem –Activate –RestartFarm –KeyFormat CUSTOM –RSACertificatDuration 2 –Verbose
New-MFADatabase -ServerName acod-msdb-cl -DatabaseName MFADatabase -UserName company\svc_adfs
New-MFASecretKeysDatabase -ServerName acod-msdb-cl -DatabaseName MFAKeysDatabase -UserName company\svc_adfs
All databases created successfully
Account svc_adfs member of domain admins group and in local admin group on ADFS server for testing.
Setup global and SMTP properties.
Change Access Control Policy to MFA for my application.
Then, i'm create user in MMC MFA console with UPN [email protected] and email [email protected].
When i go to https://myapplication.company.com i'm redirection to page with "Access code received by email :" and paste my code from mail. But when i'm push "Sign In" i see message "Invalid identification, please restart your session."
What did I miss in the setup and what am I doing wrong?
trying to implement adfsmfa and when I attempt to configure the parameters, MMC generates an unhandled exception. The logs show two errors:
This is an evaluation lab setup with two Windows 2012R2 servers
The Device Registration Service doesn't start, all other services are running error free.
I am able to complete the installation and Registration steps without incident. When I try to do the Post Configuration steps using the MMC Snap-in, clicking on Service Status and Global Parameters seems to work correctly. In the main configuration I've disabled SMTP and Phone, I'm using AD not SQL.
Clicking on the "Service Status", "Global Parameters", SQLServer configuration, SMTP configuration, Phone configuration and Security configuration menu item works.
Clicking on the "Active Directory Configuration" or "User Management" generates an error: MMC has detected an error in a snap-in and will unload it.
Application Error ID #1000
Faulting application name: mmc.exe, version: 6.3.9600.18910, time stamp: 0x5a57a503
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18938, time stamp: 0x5a7ddf0a
Exception code: 0xe0434352
Fault offset: 0x0000000000008eac
Faulting process id: 0x970
Faulting application start time: 0x01d417976acbc7ed
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: b688ae7d-838a-11e8-80c7-0800276d4153
Faulting package full name:
Faulting package-relative application ID:
.NET Runtime ID #1026
Application: mmc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.RefreshCache()
at System.DirectoryServices.DirectoryEntry.FillCache(String propertyName)
at System.DirectoryServices.DirectoryEntry.get_NativeGuid()
at System.DirectoryServices.DirectoryEntry.get_Guid()
at Neos.IdentityServer.MultiFactor.Data.ADDSDataRepositoryService.CheckRepositoryAttribute(String attributename)
at Neos.IdentityServer.MultiFactor.RuntimeRepository.CheckRepositoryAttribute(MFAConfig cfg, String attributename, Int32 choice)
at Neos.IdentityServer.MultiFactor.Administration.ManagementService.CheckRepositoryAttribute(String attributename, Int32 choice)
at Neos.IdentityServer.Console.Controls.ADDSConfigurationControl.IsValidData()
at Neos.IdentityServer.Console.Controls.ADDSConfigurationControl.UpdateLayoutConfigStatus(ConfigOperationStatus status)
at Neos.IdentityServer.Console.Controls.ADDSConfigurationControl.DoCreateControls()
at Neos.IdentityServer.Console.Controls.ADDSConfigurationControl.OnCreateControl()
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.ControlCollection.Add(Control value)
at Microsoft.ManagementConsole.View.HandleInitializationRequest(IRequestStatus requestStatus)
at Microsoft.ManagementConsole.View.ProcessRequest(Request request)
at Microsoft.ManagementConsole.ViewMessageClient.ProcessRequest(Request request)
at Microsoft.ManagementConsole.Internal.IMessageClient.ProcessRequest(Request request)
at Microsoft.ManagementConsole.Executive.RequestStatus.BeginRequest(IMessageClient messageClient, RequestInfo requestInfo)
at Microsoft.ManagementConsole.Executive.SnapInRequestOperation.ProcessRequest()
at Microsoft.ManagementConsole.Executive.Operation.OnThreadTransfer(SimpleOperationCallback callback)
Exception Info: System.Reflection.TargetInvocationException
at Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(Exception e)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
at Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
at Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
It seems that in your implementation the user secret can be displayed without regenerating it.
In other application you can only regenerate a new secret to link to a new phone. That seems a bit more secure. At this time the user cannot be sure the secret isn't linked to an other phone.
Ps. Are you guys moving from codeplex to github or is this an archived copy? Since codeplex is going to be read-only in the near future.
hello
When I try to scan the qrcode i have the message Qr code invalide
Do you have an idea ?
thx
it will reset to [email protected] after save.
Hello,
We notice our users are struggling to get through the enrollment process. Together with #32, we try to streamline this process.
When a new user tries to sign in, they first have to click the 'I do not have the code' link:
Then they will reach the following screen, which has several options:
We feel that option marked as 1 is confusing in this case, because the user already expressed that they do not have the code. Perhaps this could be hidden when the user does not have a code yet, or came at this page after clicking on that link.
The option marked as 2 could perhaps be replaced by a cancel button, because it would end up at an error message.
By making this form a little simpler, we believe it would be less confusing for end-users.
Thanks in advance, Kevin.
Hi,
We are testing and are using the latest 2.0.2.967.
We have a desired scenario that kind of works now, but it would have been nice to extend this feature a little bit.
MFA Status: Must be in the mode “Mandatory – MFA cannot be disabled”
User Registration: Should be in the mode “Administrative - Registration made by the support”
Options Management: Would be nice with a new option here, Enroll Authenticator App. This option would add a link on the OTP page. Clicking the link take you to a page where you are first prompted to enter OTP code (gets it from email or SMS), and then guides you through the Authenticator App Enrollment with the QR code. Something like this:
We’re doing kind of this now in our testing by enabling, under Options Management, “User Management Options”, and then in the ADFS onload.js hide/change certain things on the pages. But it does not look so nice since that gives you some extra pages that are not necessary. And the process is a bit confusing for the user.
What do you think, would it be something you would like to add?
Thank you for your nice work on this!
Andreas
Hello
I am not really sure if it is a bug or planned in this way.
I am testing version 2.2.0.1002.
After deactivation of a user the user disappears completely in the gui and also in PowerShell.
Reactivation is only possible with changing the field msDS-cloudExtensionAttribute18 back to true with the attribute editor.
Thank you.
Hi All,
Feel free to post you remarks and bug found.
We are working with you !
Regards
Hello
It would be nice to have German text in the Webinterface
I can offer you to translate the Text patterns from English to German.
Günther
Hi,
I get a Warning when I install a certificate for RSA encryption.
Both the command:
Install-MFACertificate -RSACertificateDuration 5 -RestartFarm -Verbose
and the command :
Register-MFASystem –Activate –RestartFarm -KeysFormat RSA -RSACertificateDuration 5 –Verbose
gives the warning:
WARNING: 4:23:05 AM Error adding certificate "0A2B697C59C4C42EF595D34F91DB0FA666455E1F" to ADFS Decrypting Certificates list, your must do it manually !
Everything seems to work though.
What manual process is the message referring to?
Or could this message be ignored?
Kind Regards,
Andreas
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.