You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Joonas Tuomisto (Jira)" <ji...@apache.org> on 2020/12/07 16:44:00 UTC

[jira] [Created] (GUACAMOLE-1233) Add UI support for TOTP resets

Joonas Tuomisto created GUACAMOLE-1233:
------------------------------------------

             Summary: Add UI support for TOTP resets
                 Key: GUACAMOLE-1233
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1233
             Project: Guacamole
          Issue Type: Improvement
          Components: guacamole-auth-totp, guacamole-client
    Affects Versions: 1.2.0, 1.1.0
            Reporter: Joonas Tuomisto


Currently there is no functionality in the UI to reset a user's TOTP enrollment. If a user changes devices or uninstalls the TOTP application from their phone etc., Guacamole administrators have no UI for clearing the TOTP secret from the database so users can re-enroll. In a larger deployment this is of course a significant support scenario and a supportability concern as no UI for it exists.

 

Ideally the "edit user" page should contain a button such as "Reset TOTP" that would allow an administrator to clear the user's TOTP enrollment from the guacamole_user_attribute table.

 

My personal solution to this issue was a bash script that directly executes SQL against the Guacamole database (which obviously requires shell access to the database server) and a custom web server/-ice that provides a web interface to do the same with LDAP (AD) integrated login (as I can't write Java I couldn't implement this directly into Guacamole).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)