Error using FIDO U2F: MetadataService must be initialized #114
Comments
|
Hi @gtbuchanan Yes, this is a bug! and since version 2.5 ... Regards |
|
@redhook62 Thank you! The device is a Yubico Security Key NFC and I'm running ADFS on Windows Server 2019. |
|
Ok, a small build today just adding initialization Metadata service... Regards |
|
Hi @gtbuchanan Correctly initialized in version 3.0.2008.2 Regards |
|
@redhook62 I'm happy to report I'm now able to successfully authenticate with my Yubikeys in ADFS! I can't thank you all enough for the work you've done on this project. I just came across it this week and It's exciting to be able to use passwordless authentication without a paid service like Azure. I'll be submitting a few more issues about some other things I've noticed but they're very minor. Hopefully, I can become familiar enough with the code to be able to submit some PRs myself. I'm very interested in ultimately using username-less authentication as well. As an aside, the MMC snap-in now refuses to load after upgrading from 3.0.2008.1 to 3.0.2008.2. It seems to be hanging at "Adding snap-in to console". I've tried reinstalling, restarting, and unregistering but I still can't get it to load and there aren't any errors I can find (unlike #20). Any ideas? |
|
Hi, @gtbuchanan We haven't touched the MMC at all; it's exactly the same code as the previous one. For username-less, you must register your device on an MDM. It is also one of our future projects on Git (write an MDM for ADFS and Others) We are very happy that your key is working correctly, before with many Yubico keys we have never been able to register them correctly in Windows (for Windows Hello). Regards |
I'm not sure what's going on either but 3.0.2008.2 just doesn't let me load the MMC module (seems to hang on load indefinitely). I reverted back to 3.0.2008.1 and it started working. Just tried upgrading to 3.0.2008.2 again and the MMC module stopped working again. I've tried a full uninstall/reinstall and the upgrade steps. Is there any adfsmfa data I need to remove manually that isn't handled by
Excellent! I look forward to it. This would be a game-changer for self-hosted solutions.
I had already gotten this working on 3.0.2008.1 with regular biometrics (facial recognition). It works great.
I haven't actually figured out how to register it with Windows Hello yet. I don't think you can with domain accounts (without Azure AD) based on everything I've read. I tried seeing if Microsoft was considering adding FIDO2 support to ADDS but they don't seem to care. For now, I'll just be using it with ADFS.
My personal computers are all on Windows 10 Enterprise 2004 and I use Firefox as my primary browser. |
|
Thanks We will test again tomorrow, |
|
Hi @gtbuchanan MMC bug confirmed ! A new release today Regards |
|
@redhook62 The issue has been resolved. Thank you! |
I receive the following error in Event Log when attempting to authenticate with a Yubikey Security Key NFC (FIDO U2F):
There is no other information in the log. I couldn't find anywhere in the source code where
IMetadataService.Initializeis called so I assume that is the issue whenIMetadataService.GetEntryis called later.Here's my WebAuthN security config:
Here's my Biometrics provider config:
The text was updated successfully, but these errors were encountered: