Jump to content
XPEnology Community
  • 1

How disable 2-factor authentication ? (DSM 7.1.1)


renegadeBE

Question

Hi,

 

After migrating to DSM 7.1.1 (test server) with TCRP v9, the code is refused, DSM asks me to reset the service or dsm.

 

I have acces to the server with ssh, SMB work, files acces OK.

 

In folder "/usr/syno/etc/preference/" or "/usr/syno/etc/preference/(user-admin)" no such file corresponding to google auth.

 

How disable 2-factor authentication ? Thanks :-)

Edited by renegadeBE
Link to comment
Share on other sites

5 answers to this question

Recommended Posts

  • 0

Solved :

 

Enable default admin account and process.

 

SSH :

 

for it -> Synouser tool

 

$ sudo synouser
Password:
Copyright (c) 2003-2022 Synology Inc. All rights reserved.

Usage: synouser
        --help
        --rebuild {all|(domain Force{0|1})|(ldap Force{0|1})}
        --enum {local|domain|ldap|all|domain_used}
        --enumpre {local|domain|all|domain_used} prefix Caseless{0|1}
        --enumsub {local|domain|all|domain_used} substr Caseless{0|1}
        --enum_admin {local|domain|ldap|all}
        --get username
        --getuid UID
        --add [username pwd "full name" expired{0|1} mail privilege]
        --modify username "full name" expired{0|1} mail
        --rename old_username new_username
        --setpw username newpasswd
        --del username1 username2 ...
        --login username pwd
        --dbopen2 username
        --filesetpw
        --create_homes {domain|ldap}

 

Edit admin user status

 

Enable account :

 

sudo synouser --modify admin "System default user" 0 mail@mail.dom

 

Set password :

 

sudo synouser --setpw admin setpassword

 

Check status expired = false :

 

/$ sudo synouser --get admin
User Name   : [admin]
User Type   : [AUTH_LOCAL]
User uid    : [1024]
Primary gid : [100]
Fullname    : [System default user]
User Dir    : [/var/services/homes/admin]
User Shell  : [/bin/sh]
Expired     : [false]
User Mail   : [mail@mail.dom]
Alloc Size  : [125]
Member Of   : [2]
(100) users
(101) administrators

 

Now, go on DSM : identify with the admin account and password.

- Go to control panel / users and

- Edit user to disable 2-step authentification.

- Log out and back in with the correct account

- Don't forget to disable the default admin account.

 

 

Link to comment
Share on other sites

  • 0

The 2-factor authentication does not depend on TC! But on DSM!

You can access the terminal with the serial port.

 

On 9/11/2022 at 5:47 PM, JakeSully said:

i'm still stuck on this issue as well but for me i sadly have not enabled SSH.

 

So i'm stuck where i need to find out where on USB the TC stores DSM. So i can go there and delete the file.

 

 

Link to comment
Share on other sites

  • 0
On 9/13/2022 at 9:46 PM, renegadeBE said:

The 2-factor authentication does not depend on TC! But on DSM!

You can access the terminal with the serial port.

 

I think you missunderstood or i just didn't write it clearly, but what i meant is i had to make new USB with TC 9.0.2 to get DSM 7.1.1 working on my server and now my account is stuck on 2FA miss configuration error and since i couldn't access system files before i was having huge issue.

 

But now i found this guide 

It seems to have given me access to system partition this time so i can browse for file i need to remove. So 2FA becomes disabled. 

 

Update:

 

link i shared sure did the trick, now i also found out actual file to remove to disable 2FA.

Edited by JakeSully
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...