Differences

This shows you the differences between two versions of the page.

--- 2fa_nextcloud_adjustments [2021/07/13 17:45] – created chris
+++ 2fa_nextcloud_adjustments [2021/07/13 18:45] (current) – chris
@@ Line 1: / Line 1: @@
 ** DISABLE 2FA IN NEXTCLOUD **
+If you cannot login or lost your back-up codes for TOTP in Nextcloud, you can disable it by editing the SQL database.
+Follow these steps:
+   mysql -u root -p
+Enter your passsword and list the database you have nextcloud installed in with
+   show databases;
+Go into your database name (in this case nextclouddb) by typing:
+   use nextclouddb;
+Find the table with passwords for TOTP with:
+   select * from oc_twofactor_providers;
+It will show a the table like this:
+   +----------------------------------+-------------+---------+
+  | provider_id                      | uid         | enabled |
+  +----------------------------------+-------------+---------+
+  | backup_codes                     | user1       |       0 |
+  | backup_codes                     | user2       |       1 |
+  | ...                              | ...         |     ... |
+  | totp                             | user1       |       1 |
+  | totp                             | user2       |       1 |
+  | ...                              | ...         |     ... |
+  | twofactor_nextcloud_notification | user1       |       0 |
+  | twofactor_nextcloud_notification | user2       |       0 |
+  | ...                              | ...         |     ... |
+  | u2f                              | user1       |       0 |
+  | u2f                              | user2       |       0 |
+  | ...                              | ...         |     ... |
+  +----------------------------------+-------------+---------+
+Change the value in "enabled" of a user you want in "uid" of the "provider_id" "totp" from 1 to 0 to disable the TOTP authentication in Nextcloud by typing:
+   update oc_twofactor_providers set enabled='0' where uid='user2' and provider_id='totp';
+After this change your good to login without 2FA for that selected user. If you like to enable 2FA again for a particular user just enable the value with '1' by typing:
+   update oc_twofactor_providers set enabled='1' where uid='user2' and provider_id='totp';
+Tip:
+you also can change the secrets are make it a identical code for all users in this table:
+  +----+---------+----------------------------------------+-------+--------------+
+  | id | user_id | secret                                 | state | last_counter |
+  +----+---------+----------------------------------------+-------+--------------+
+  |  1 | user1   | WQSXCDEOTKGVMB                         |     2 |     34321134 |
+  |  2 | user2   | POIJELKAJSDIFJ                         |     2 |     34321134 |
+  |  3 | user3   | LKAJDFOIJEJLKL                         |     2 |     34321134 |
+  |  4 | user4   | ALSKDJFIKOEJLF                         |     2 |     34321134 |
+  |  5 | user5   | KJALKENEODKJLK                         |     2 |     34321134 |
+  +----+---------+----------------------------------------+-------+--------------+
+List the table by typing
+  select * from oc_twofactor)totp_secrets;
+Update the users with a particular code of another user by typing:
+  insert into oc_twofactor_totp_secrets (id, user_id, secret, stat, last_counter (values(2,'user2,'POIJELKAJSDIFJ',2,34321134;
+\\
+\\
+Enjoy,
+**Your ArtIT Team**
+\\
+\\
+**[[applications|BACK]]**