You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Joonas Tuomisto (Jira)" <ji...@apache.org> on 2020/12/07 16:44:00 UTC
[jira] [Created] (GUACAMOLE-1233) Add UI support for TOTP resets
Joonas Tuomisto created GUACAMOLE-1233:
------------------------------------------
Summary: Add UI support for TOTP resets
Key: GUACAMOLE-1233
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1233
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-totp, guacamole-client
Affects Versions: 1.2.0, 1.1.0
Reporter: Joonas Tuomisto
Currently there is no functionality in the UI to reset a user's TOTP enrollment. If a user changes devices or uninstalls the TOTP application from their phone etc., Guacamole administrators have no UI for clearing the TOTP secret from the database so users can re-enroll. In a larger deployment this is of course a significant support scenario and a supportability concern as no UI for it exists.
Ideally the "edit user" page should contain a button such as "Reset TOTP" that would allow an administrator to clear the user's TOTP enrollment from the guacamole_user_attribute table.
My personal solution to this issue was a bash script that directly executes SQL against the Guacamole database (which obviously requires shell access to the database server) and a custom web server/-ice that provides a web interface to do the same with LDAP (AD) integrated login (as I can't write Java I couldn't implement this directly into Guacamole).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)