No, rather not. I’d suggest to wipe the codes from the DB, since we’ve deactivated all twofactor modules and also have set your account to not have any backup_codes enabled, but they’re there anyway.
So… go ahead and remove them from the table using this query:
delete from oc_twofactor_backupcodes where user_id=‘MarkB’;
I’d say, it cannot hurt - we’re already so deep into the weeds here.
And no worry about myself, although I actually thought, that this issue would be easier to tackle. Is this your personal instance? I am asking, because we might hit a point, where you will have to face a re-install of NC. You would not use any actual data, but this step would cause some real work on the database, but it is possible.
ok ill do it.
it is my personal instance. my last resort…
i did one thing right (i suppose) and i duplicated the entire nextcloud folder and labled it as running config.
would i be shooting myself in the foot if i just rename the file to nextcloud, log in, and go about my business?
i dup’ed this a while ago and the data directory is inside of it as well
ok we are getting somewhere…
i have my code but now for some reason nextcloud login page says Could not load at least one of your enabled two-factor auth methods. Please contact your admin. Two-factor authentication is enforced but has not been configured on your account. Contact your admin for assistance.
i have enabled the totp app
gives same error on logon
disabled and then re-enabled all other twofactor apps
still same message on login
no im trying to figure out why it wont say “use backup codes” anymore
i created an admin account to try and solve this. should i delete that and try and create another?
Ok so a little update…
i ran
root@ADELL nextcloud]# sudo -u apache php occ twofactorauth:enable MarkB totp
The provider does not support this operation.
finally got fed up and created an account called admin
granted admin access to this account…and logged in!
i see now i have all access to nextcloud from the account however…
i navigated to the security settings and removed the admin group from the enforced group settings
added it to not enforced groups
unchecked the enforce 2FA box
tried logging in with MY admin account aaaaaaaaand nothing. it still says 2FA not configured
going back to admin user account i check the log when i try and log in on another computer and 4 errors pop up immediately
[core] Error: 1 two-factor auth providers failed to load
GET /index.php/login/selectchallenge
from xxx.xxx.x.xxx by MarkB at 2019-03-30T22:17:27+00:00
[core] Error: two-factor auth provider ‘admin’ failed to load
GET /index.php/login/selectchallenge
from xxx.xxx.x.xxx by MarkB at 2019-03-30T22:17:27+00:00
[core] Error: 1 two-factor auth providers failed to load
POST /index.php/login
from xxx.xxx.x.xxx by MarkB at 2019-03-30T22:17:27+00:00
[core] Error: two-factor auth provider ‘admin’ failed to load
POST /index.php/login
from xxx.xxx.x.xxx by MarkB at 2019-03-30T22:17:27+00:00
Well… this is why I asked about your instance and it’s importance. As it seems to be right now, I’d go for a new installation and keep the data folder, if there’s data on it, which you don’t have anywhere else.
Do you have your data folder inside your NC instance folder - this is the usual setup, but it needn’t to be this way.
SIDENOTE* you need direct database access to the nextcloud instance to repair this issue!
So after much work and sweating and pondering and trial and error…i got in!!
also with the help of my boss who got me in to nextcloud and knows it alot better than me.
SO… i will do my best to elaborate so that whoever has a similar issue in the future may stumble on this thread and hopefully fix it.
At the end of the day there seemed to be an issue with the database.
If there is ever an issue with 2FA do NOT do what i did and install more apps as it will clutter up the database. Also there is no need to create new users in hopes of getting rid of 2FA that way.
For some reason there was an entry in the database tables under oc_twofactor_providers set as enabled here…
for the life of me I could not change any twofactor app settings no matter what OCC commands i ran
so i changed it back to “0” with… update oc_twofactor_providers set enabled = '0';
now one thing to note…this command sets 2FA for ALL users to inactive
if you want to disable 2FA for the given user run this… update oc_twofactor_providers set enabled = '0' and uid = 'userID';
So…to recap…
when you have enabled twofactor and you dont have the backup codes for a particular user you can see what user has 2FA enabled from the database and proceed to deactivate to regain access
log in to your database and select the nextcloud database
then issue… show tables;
on that list you will see alot of tables but you are only interested in oc_twofactor_providers
to view the current state of the providers issue… select * from oc_twofactor_providers;
it will return to you a table of all the providers and what users have them enabled just like the above example provided by my database.
then issue… update oc_twofactor_providers set enabled = '0' and uid = 'userID';
Boom. That should do it. try logging in again with the user in question.
ALSO REMEMBER
if you are copying and pasting the commands here in this thread be sure to retype the single quotations as they will change when making this thread.