VM 19.0.4 2FA no longer working

Greetings all…

I wonder if anyone can advise?

My reliable NC 19.0.3 VM did another auto-update to 19/4. What I have found is that I can no longer log in using a web browser. I get the attached screenshot. I have tried to use one of my codes but that too gets rejected. :roll_eyes:

I have been using 2FA for a long time without any issues…

The mobile and desktop apps all work fine, in fact, any app that used a Nextcloud account to login works, however any app that requires a password setup in settings/security no longer works?

I have tried to OCC to disable 2FA, such as:

sudo nextcloud.occ twofactorauth:disable myusername

but I get

nextcloud.occ command not found. The same with

sudo occ twofactorauth:disable myusername

I run this command in /var/www/nextcloud

I’ve always found that OCC thing tricky to use…

Can anyone please give some guidance? I have rebooted a couple of times with no change. Also, my instance uses “Splash” but that has also gone away to a nextcloud blue background.

Any help would be appreciated.

Del J

but I get

nextcloud.occ command not found. The same with

sudo occ twofactorauth:disable myusername

If you don’t provide a path to the occ command, how should your server know where the program is located? The program is usually being located in the Nextcloud document root directory :wink:

BTW, do you know the nice little search function of this forum in the upper right corner of the screen? It provides many answers, especially on this kind of question :sunglasses:

been there. done that :wink:

Correct in the Nextcloud VM appliance should be:

sudo -i
nextcloud_occ twofactorauth:disable myusername twofactorauthprovider

@deljones
You might have to add php into the command

sudo php /var/www/nextcloud/occ twofactorauth:disable myusername

@szaimen thanks for this. I got “twofactorauthprovider does not exist” in a red box. Can you help me to determine provider by any chance?

Thanks

Dj

The occ command provides a help screen for all commands

occ twofactorauth:state --help
occ twofactorauth:disable --help

@OliverV thanks so much for your help. I got he following form this…

root@digitalcarnage:~# sudo -u www-data php /var/www/nextcloud/occ twofactorauth:disable root

returns: Missing “provider-id”

sudo php /var/www/nextcloud/occ twofactorauth:disable myusername

Returns the same.

Yes I have changed the myusername for the correct username with the problem.

Thanks again

dj

The command is incomplete, because you haven’t entered the provider_id which is essential to disable it. Use the :state command to get all active ids displayed fo a user.

@j-ed Thank very much. Can you help with the syntax please.

Dj

find out enabled twofactorauthproviders for your root user by running
sudo -i
nextcloud_occ twofactorauth:state root
This command should return the name of enabled twofactorauthproviders

Then you can take one enabled twofactorauthprovider and disable it by running
sudo -i
nextcloud_occ twofactorauth:disable root twofactorauthprovider
Pleae don’t forget to substitute twofactorauthprovider with the correct name that you got from the first command.

@szaimen Again thanks for your help.

So I ran

sudo -i
nextcloud_occ twofactorauth:state username

which returned the following:

Enabled providers:

  • backup_codes
  • twofactor_nextcloud_notification
  • totp

I followed this with

nextcloud_occ twofactorauth:disable username totp

nextcloud_occ twofactorauth:disable username backup_codes

nextcloud_occ twofactorauth:disable username twofactor_nextcloud_notification

…and got the following for each

In ProviderManager.php line 53:
The provider ‘totp’ does not exist’
twofactorauth:disable [–output [OUTPUT]] [–] <provider_id>

I replaced username with the correct username on the system
and the non existant provider was replaced with the providers name from the :state command.

I think I’m going to cry

Dj

Maybe try

sudo -i
nextcloud_occ config:system:set twofactor_enforced --type=bool --value=false

@szaimen

Returned:

System config value twofactor_enforced set to boolean false

But I still get the attached photo…

oops_NO2fa

When I run :state it returns the providers still as enabled

Dj

OK here is what I did…

using OCC I added a redundant user to the admins group who I know did not have 2FA. Once in as an admin user I found that the upgrade from 19.3 to 19.4 has removed all of my installed apps except the Nextcloud default ones!!! This means that 2FA is no longer available. My NEWS, RADIO, MAPS, DECK, NOTES everything has gone! So now I’m stuck.

Thanks, guys though for your help so far. I appreciate it. Looks like I have to put all my apps back, reinstall 2FA, generate new codes, etc, and see how I go.

I though that something odd was going on when I went to my instance and saw that there were no Splash backgrounds.

Thx

Dj

1 Like

FIXED.

I have had to reinstall the Two-Factor Authentication via Nextcloud notification app as the new admin user from my previous post here and now all is well again however the update has certainly fried all of my apps!!! They are no longer there…!!

I have a list of apps that I had installed so I have done a “download and enable” on them. Fortunately, the config files for the apps are still intact so they all work as before. Whew!!

I think I’ll turn off Auto-update for a while… :smirk:

Again thanks for your time. I have learnt some more stuff today!

Dj

1 Like

Good idea…

Another one: before embarking on a major update make a backup/snapshot.
Rolling back to a snapshot on VMware takes minutes, even on ancient hardware…

I understand how blah-blah-blah this advice feels.
To everyone except the ones that paid the price of lost data…

yep… :wink: :wink: