PhoneFactor移动应用程序激活代码URL不正确 [英] PhoneFactor mobile app activation code URL incorrect

问题描述

Posted elsewhere but was advised to post here instead;

我有多个站点(都独立于各自的域)，并且都具有运行正常的Multi Factor Authentication Server.我正在使移动应用程序正常运行，并且除一个网站外，其他所有网站均已成功.

I have multiple sites (all independent with their own domains) with functioning Multi Factor Authentication Server. I'm in the process of getting the mobile app working and have been successful on all but one site.

移动应用程序可以进行身份​​验证，与此无关.问题是在用户门户中生成激活码会生成错误的URL，从而生成错误的QR码.生成激活代码时，我期望这样的事情: https://co1pfpad03.phonefactor.net/pad/113237222

The mobile apps works to authenticate, there are no issues with this. The issue is generating an activation code in the user portal produces the wrong URL and hence the wrong QR code. When generating the activation code, I would expect something like this: https://co1pfpad03.phonefactor.net/pad/113237222

除此以外，我得到了这个:https://server.mydomainname.com/MultiFactorAuth/

Except, I'm getting this: https://server.mydomainname.com/MultiFactorAuth/

该URL正确显示在MFA服务器应用程序上，并且该URL可以正常工作.显然，门户网站没有从MFA服务器提取URL.唯一值得一提的是，用户门户网站与MFA不在同一服务器上.

The URL appears correctly on the MFA server application and the URL works as it should. Clearly the portal isn't pulling the URL from the MFA server. The only thing that may be worth mentioning is that the user portal is not on the same server as MFA.

推荐答案

1.通过打开移动设备上的浏览器并导航到生成QR码时出现的URL，确保可以访问Mobile App Web服务.确保带有Web服务操作的页面在没有任何证书的情况下成功加载 错误或警告.这样可以确保您可以从移动设备访问激活服务.

1. Ensure you can reach the Mobile App Web Service by opening a browser on your mobile device and navigating to the URL that appears when you generate the QR code. Ensure that the page with the web service operations loads successfully without any certificate errors or warnings. This ensures that you can reach the activation service from your mobile device.

2.在托管Mobile App Web服务的服务器上，使用https://localhost URL导航到该服务.忽略证书错误.调用TestSecurity和TestPfWsSdkConnection操作，并确保两者均成功. TestSecurity确保您 在移动应用Web服务和MFA服务器的Web服务SDK之间具有有效的SSL连接. TestPfWsSdkConnection还将确保您与Web Service SDK的连接良好，并且可以成功对其进行身份验证.

2. On the server hosting Mobile App Web Service, navigate to the service using a https://localhost URL. Ignore the certificate errors. Invoke the TestSecurity and TestPfWsSdkConnection operations and ensure both are successful. TestSecurity ensures that you have a valid SSL connection between the Mobile App Web Service and the MFA Server's Web Service SDK. TestPfWsSdkConnection will additionally ensure you have a good connection to the Web Service SDK and can successfully authenticate to it.

3.检查C:\ Program Files \ Multi-Factor Authentication Server \ Logs \ MultiFactorAuthSvc.log文件.您应该看到生成激活码的日志条目.再往下看，您应该看到一行显示激活码已被使用的行.你应该 然后看到MFA服务器连接到云服务的地方发生PfAuth，该服务会向您的移动应用程序发出静默推送通知，以验证它可以接收推送通知，并且该应用程序当前正在激活过程中.正确/错误结果 将被退回.如果结果为False，则您可能未在设备上为Azure Authenticator应用程序启用推送通知.最后，您将看到确认激活码的日志条目.查看日志中出现了哪些内容，然后 缺少哪些内容将有助于缩小激活过程中发生故障的位置.

3. Check the C:\Program Files\Multi-Factor Authentication Server\Logs\MultiFactorAuthSvc.log file. You should see a log entry for when the activation code is generated. Further down, you should see a line showing the activation code getting consumed. You should then see a PfAuth occur where the MFA Server connects to the cloud service, which does a silent push notification to your mobile app to verify that it can receive push notifications and that the app is currently in the process of activation. A True/False result will be returned. If the result is False, then you may not have push notifications enabled for the Azure Authenticator app on your device. Last, you will see a log entry for the activation code getting confirmed. See which of things appears in the log and which things are missing will help narrow down where the breakdown in the activation process is occurring.

您必须检查网络服务正确安装在初始服务器上，可能使用域管理员帐户并以 结果您需要正确配置PFUP_帐户.经过一番结合，Iit应该可以工作了.查看链接

You have to check whether, the web service  installed correctly on the initial server, possibly install it with a domain admin account and as a result the PFUP_ accounts you need to configure properly.  After a combination of things Iit should work. see the link

https://s4erka.wordpress.com/2018/01/24/mobile-app-authentication-with-azure-multi-factor-身份验证服务器错误调用本地身份验证服务故障排除/

https://s4erka.wordpress.com/2018/01/24/mobile-app-authentication-with-azure-multi-factor-authentication-server-error-calling-the-local-authentication-service-troubleshooting/

https://www.jasonsamuel.com/2017/03/06/how-to-deploy-microsoft-azure-mfa-user- dmz中的单独服务器门户/

https://www.jasonsamuel.com/2017/03/06/how-to-deploy-microsoft-azure-mfa-user-portal-on-separate-servers-in-the-dmz/

这篇关于PhoneFactor移动应用程序激活代码URL不正确的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！