HPE Community
HPE Nimble Storage Solution Specialists
1754444 Members
2875 Online
108814 Solutions
New Discussion юеВ

2fa not working

 
ronniekilel
Occasional Visitor

тАО03-28-2024 09:30 AM - last edited a month ago by

тАО03-28-2024 09:30 AM - last edited a month ago by

2fa not working

I have enabled 2fa on a user but unable to login

0 Kudos
Reply
3 REPLIES 3
Satish04
HPE Pro

a month ago

a month ago

Re: 2fa not working

Hi ronniekilel,

If a user cannot log in after enabling two-factor authentication, ensure that they have entered both their password and second factor correctly.
Make sure the authentication method for 2FA is set up correctly. After validationg the setting, if the issue persists consider resetting the user's 2FA settings.


Hope this helps.!


Regards,
Satish

I work for HPE.
Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise.

Accept or Kudo

0 Kudos
Reply
shuff
Advisor

4 weeks ago

4 weeks ago

Re: 2fa not working

To use two-factor authentication (2FA) with Nimble Storage, you need to ensure that certain prerequisites are met. These include having a Service Account, which is a proxy user that authenticates and authorizes LDAP users. The Service Account LDAP username is the full bind DN and it requires read permission for the user and group subtrees. The parameters ldap-service-account and ldap-service-account-password must be set to configure the Service Account. The ldap-2FA-cert-field setauthparam parameter should point to where the UserтАЩs Id lives in their certificate. It can either be in the Subject or Subject Alternative Name field. The ldap-2FA-object-attr setauthparam parameter points to where the Users's Id lives in their LDAP Object. The Root CA and Intermediate Root CA certificates for CACs must be imported to the storage system. The storage system administrators with the super role can import certificate with the CLI command: importcert cac -ca stdin. The user computers must have a CAC reader, such as an external USB smart card reader or an internal reader. A CAC reader driver or middleware must be present. OpenSC Libraries and utilities must be present. Linux distribution comes with OpenSC libraries installed by default. For Windows distribution, install OpenSC libraries and utilities from https://github.com/OpenSC/OpenSC/releases. The user must have their CAC physically available when logging in to the storage system and must know the PIN for their CAC.

0 Kudos
Reply
DaveOb
HPE Pro

a week ago

a week ago

Re: 2fa not working

Check the time is not skewed on the array.Your phone is most likely using the carrier to keep time in sync if the array is not syncing with ntp time drift will effect logon.

 


I am an HPE employee
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.