I am looking to assign MFA to the default administrator user (created at installation time I believe), but it is not possible without an assigned email address.
How do you even assign an email address for this user? It does not show up in the User Manager section.
You don’t need to use the Administrators module, you can set Admin GUI access to users in User Management. The Administrators module will be deprecated in the upcoming version and the initial install setup will use User Management when creating the first admin.
Okay, so if I understand correctly, you can give admin privileges to other users. I have done this before.
However, I don’t want a non-MFA protected admin user to exist. How can I delete or disable this user from the Administrators module? Can I use the same user name in the User Manager?
There’s an option to delete the user when editing.
I believe you can, but I wouldn’t recommend it.
In case you get into trouble, know that there is an unlock method to get into the admin GUI without user credentials:
https://wiki.freepbx.org/pages/viewpage.action?pageId=37912685#fwconsolecommands(13+)-Unlock
Thanks for the help, I was able to successfully remove the Admin user form the Administrators module and create a new administrator user using the User Manager.
I enabled MFA using Authenticator apps for the new admin user, but I am not getting an email to set up the OTP, following these instructions.
I logged out and logged back in. I tried disabling and re-enabling MFA without any luck. I’m not sure what I’m missing.
Here’s the setup: please ignore the username and email fields, those are not the real ones, I just hid them for the sake of posting here.
Not enough info to debug. I assume that there are no issues with the PBX delivering email. Your module purchase includes support, I recommend you open a support ticket.
Any issues with using the other forms of MFA, voice or email?
I was able to successfully successfully verity using email and call, but it never asked me for MFA when logging in with the user.
Nor am I getting an email to set up OTP still.
I will open a case.
Thanks.
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
