Zimbra 10 OSE, 2FA 0.8.0 Not show QR code when setup.

[ngvannguyen]

I have try test install 2fa on zimbra 10.0.7. But not show QR code. How to fix it? Thank author!

[adriangibanelbtactic]

I have try test install 2fa on zimbra 10.0.7. But not show QR code. How to fix it? Thank author!

1) Assuming you have already tried another web browser (for avoiding cache issues)... can you please share the:

zmcontrol -v

so that we know, more or less where this Foss build has come from?

2) Also... are you using any custom or non standard theme? Does the QR work if you use the standard/default theme?

3) Maybe you are using a javascript blocker?

4) Do you see any error on the browser console (Developer tools) ?

5) Is this a new install or an update? If it is an update... Did you use the update instructions instead of just running the installer?

Thank you.

[ngvannguyen]

I have checked again according to your suggestion. It's true that my browser has a problem. I think the block ad free addon blocked it,. When I open incognito mode, everything works normally and the qr code is displayed. Thank you for your help.

[ngvannguyen]

My zimbra version zmcontrol -v Release 10.0.7_GA_0124.RHEL7_64_20240312183207 RHEL7_64 FOSS edition. thanks

[ngvannguyen]

Hi Adrian. When I try to log in after turning on 2-step authentication, it gives me this error "Two factor code cannot be initialized. Please try to login with username and password again". But if I get the authentication code, I can still log in.

[adriangibanelbtactic]

Well, your installation seems to be a custom built tgz based on the ianw1974 zimbra-build-scripts. Isn't it?

That reads from develop branches by default which had some 2FA stuff updated recently. That 2FA development work is supposed to land on Zimbra 10.1.x not in Zimbra 10.0.x.

Whenever there is an official release of Zimbra 10.1.0 or whatever version it gets it's when I will be able to test or upgrade this extension to the new Zimbra 10.1.0 and see if everything works as expected or not.

So I am afraid I cannot support ianw1974 zimbra-build-scripts builds done after, let's say, 2024 02.

If this is a test machine that you upgraded from 8.8.15p45 or similar and you want to really check if it's something that affects Zimbra 10.0.x (against the current hypothesis which involves ianw1974 build problems) please upgrade to Zimbra Foss 10.0.8 from maldua which I know it has been properly built against the 10.0.8 tag from 8.8.15p45 and report back if you find the same problems or not.

[ngvannguyen]

It's true that I built from ianw1974 zimbra-build-scripts. My zimbra version 10.0.7 was upgraded from version 8.8.15p45. I will try with the zimbra 10.0.8 version you provided. and will respond. Thank.

[adriangibanelbtactic]

It's true that I built from ianw1974 zimbra-build-scripts. My zimbra version 10.0.7 was upgraded from version 8.8.15p45. I will try with the zimbra 10.0.8 version you provided. and will respond. Thank.

Just in case it's not clear you need to upgrade from 8.8.15p45 to Maldua's 10.0.8.

Upgrading from ianw1974's 10.0.7 to Maldua's 10.0.8 is known not to work because some additional ldap attributes that ianw1974 build has that should not be there.

[ngvannguyen]

Upgrading from ianw1974's 10.0.7 to Maldua's 10.0.8 is known not to work because some additional ldap attributes that ianw1974 build has that should not be there.

Our prod server has been upgraded to ver 10.0.7. I will look into the link you sent.

[adriangibanelbtactic]

Upgrading from ianw1974's 10.0.7 to Maldua's 10.0.8 is known not to work because some additional ldap attributes that ianw1974 build has that should not be there.

Our prod server has been upgraded to ver 10.0.7. I will look into the link you sent.

Ok, if you document your ldap attributes removal in depth please share it here or in the forum thread because I might want to automate that process in the future.

Thank you.

[ngvannguyen]

#################
source ~/bin/zmshutil
zmsetvars
ldapmodify -x -H $ldap_master_url -D "uid=zimbra,cn=admins,cn=zimbra" -w $zimbra_ldap_password
dn: cn=config,cn=zimbra
changetype: modify
delete: zimbraDomainLoginPageEnabled

###################################
zimbraDomainLoginPageEnabled
zimbraCountAccountsEnabled
zimbraEventIndexReplicationFactor
zimbraFeatureMailRecallEnabled
zimbraFeatureMailRecallTime
zimbraMaxSolrBatchDeletionSize
zimbraModernWebClientDisabled
zimbraSolrBatchDeletionInterval
zimbraTwoFactorAuthEmailCodeLength

I have removed some attributes. Then I upgraded from build 10.0.7 (ianw1974's) to 10.0.8 (Maldua's) and no errors occurred.

Edited: Code highlight.

[adriangibanelbtactic]

I have removed some attributes. Then I upgraded from build 10.0.7 (ianw1974's) to 10.0.8 (Maldua's) and no errors occurred.

Thank you very much for your code snippet. It's going to be very handy.

As the extension it's working on a 10.0.8 built on tags version I am going to close the issue.