Hi,
I have a 4-node DirectAccess cluster running Windows Server 2012 R2. All working fine, but now we need to add OTP to the authentication.
After much frustration I managed to find an article that detailed how to configure the certificates; this was the lab how-to.
I have managed to configure the DA servers with PowerShell to specify the CA server and logon and Signing Request certificates.
When I update the policy on a client and then disconnect it from the network we successfully get a prompt for an OTP.
However when the OTP code from the token is entered I get the error:
Authentication failed due to an internal error (error code: 0x80040002). Try again, or ask your administrator for help.
The OTPCredentialProvider log shows:
Event ID: 10004
Source: OtpCredentialProvider
A certificate for OTP authentication cannot be created code: 0x80040002
A search of the web does not bring anything up on this error.
Any suggestions really appreciated.