rcdevs / nextcloud_openotp_auth

OpenOTP plugin enables Multi-Factor Authentication to login to Nextcloud Admin/User Pane
GNU Affero General Public License v3.0

Enforce MFA - Exclude Users #5

Closed SurtursRevenge closed 2 years ago

SurtursRevenge commented 3 years ago

Hello,

We have been using the OpenOTP Plugin for Nextcloud for a long time and are very happy with it. I need to enforce MFA for all LDAP users, so we enabled the option "Two-Factor authentication (Enable OpenOTP for all user)" and disabled the option "Allow users to administer Two-factor on their profile settings page".

The problem we now have is that this breaks local Nextcloud users. So the local admin is now broken. We also want to create local accounts for external partners who don't have an LDAP account. So we are now looking for an option to enforce MFA for all LDAP users, but to exclude local Nextcloud users from OpenOTP MFA.

Unfortunately, I was not able to find any option for this.

So now I am looking for some suggestions on how to solve this issue.

Best regards

rcdevs commented 2 years ago

Hello,

Is it still an issue for your setup? We need to check if we can distinguish between local and LDAP accounts somehow and then improve our app with such a setting.

Best regards

SurtursRevenge commented 2 years ago

Hello,

Yes, this is still an issue and it would really help if this would get implemented.

Best regards

rcdevs commented 2 years ago

Hello,

We started to investigate. Can you confirm, on your setup, that only the local users are listed when you issue this SQL request on the database:

SELECT uid FROM oc_users

If so, and before we integrate it in our app (I will try right now), you can run this SQL request to exclude them from MFA authentication:

UPDATE oc_twofactor_providers SET enabled=0 WHERE uid IN (SELECT uid FROM oc_users)
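
Added example, not part of the thread or the plugin's code: the exclusion query above run against a constructed in-memory SQLite copy of the two tables, with a preview step and a variant limited to one provider. The `provider_id` filter, the provider id value and all sample rows are assumptions; the query as posted has no such filter, so it switches off every provider row for the users listed in `oc_users`.

```python
import sqlite3

# Placeholder: the provider_id the OpenOTP app registers is not given in the thread.
OPENOTP_PROVIDER = "openotp-placeholder"

def build_db():
    """Constructed sample data; minimal columns for the two tables named in the thread."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE oc_users (uid TEXT PRIMARY KEY);
        CREATE TABLE oc_twofactor_providers (
            provider_id TEXT, uid TEXT, enabled INTEGER,
            PRIMARY KEY (provider_id, uid));
        -- Local accounts only; the LDAP user has no oc_users row (assumption to confirm).
        INSERT INTO oc_users VALUES ('admin'), ('partner1');
        INSERT INTO oc_twofactor_providers VALUES
            ('openotp-placeholder', 'admin', 1),
            ('openotp-placeholder', 'partner1', 1),
            ('totp', 'admin', 1),
            ('openotp-placeholder', 'ldap-alice', 1);
    """)
    return db

def preview(db, provider=None):
    """Rows an exclusion UPDATE would switch off; provider=None mirrors the posted query."""
    sql = ("SELECT provider_id, uid FROM oc_twofactor_providers "
           "WHERE enabled = 1 AND uid IN (SELECT uid FROM oc_users)")
    args = ()
    if provider is not None:
        sql += " AND provider_id = ?"
        args = (provider,)
    return sorted(db.execute(sql, args))

def exclude_local_users(db, provider):
    """Disable a single provider for local users, committed as one transaction."""
    with db:
        cur = db.execute(
            "UPDATE oc_twofactor_providers SET enabled = 0 "
            "WHERE provider_id = ? AND uid IN (SELECT uid FROM oc_users)",
            (provider,))
    return cur.rowcount

def enabled_rows(db):
    """Provider rows still enabled after the change."""
    return sorted(db.execute(
        "SELECT provider_id, uid FROM oc_twofactor_providers WHERE enabled = 1"))
```

Comparing `preview(db)` with `preview(db, OPENOTP_PROVIDER)` before running the update shows which other second factors the unscoped query would also turn off for local accounts.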

rcdevs commented 2 years ago

Hello,

The feature you requested can be implemented. We should release a new version of the application today or tomorrow that will add this new setting.

Best regards

rcdevs commented 2 years ago

Hello,

We just released version 1.4.0, which adds the setting to disable OpenOTP authentication for local users.

Best regards