Cannot Disable MFA for Admin access to Admin Panel

I can see that an admin account but not disable it with Very Confused.

Sorry if I’m misunderstanding something basic - I’ve read the posts available but I think there is something gone Tango Uniform on my MiaB:

-  Phone was authenticator - but crashed and died. Thus lost authenticator.
-  Can view that the account has MFA registered with the admin user.
-  Trying to disable reports that user doesn't exist or have MFA registered
-  Confusion Reigns

Can show that user has MFA registered:

./ user mfa show
1,totp,S22 Ultra

When I try to disable it tells me it doesn’t exist. Um, huh?

./ user mfa disable
Invalid user or MFA id.

I have no clue other than to start fishing through the code to see what it would have done. But I have better plans for my night and am facing project deadlines. Can someone throw me a clue?

Ok found the answer after digging through the code - you need the mfa token id. In this case it was 1 (one):

./ user mfa show
1,totp,S22 Ultra

So the command should have been:

./ user mfa disable 1

Misread the post as, at least for me, the 1 (one) appeared on a new line and discounted it as line noise. Oops!

My trials and misfortunes are documented here should anyone else run into the same problem and need a solution.

Mischief Managed.

1 Like

Yes, you can see all of the available options and their syntax with:

$  mailinabox/management/ 
  management/ user                                     (lists users)
  management/ user add [password]
  management/ user password [password]
  management/ user remove
  management/ user make-admin
  management/ user remove-admin
  management/ user admins                              (lists admins)
  management/ user mfa show            (shows MFA devices for user, if any)
  management/ user mfa disable [id]    (disables MFA for user)
  management/ alias                                    (lists aliases)
  management/ alias add
  management/ alias add ','
  management/ alias remove

Removing a mail user does not delete their mail folders on disk. It only prevents IMAP/SMTP login.

Ah, thanks for that. I have one small caveat: square brackets around a parameter usually means that it’s optional. It isn’t optional, you need to supply the token [id].

1 Like

This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.