Environment
- Carbon Black Cloud console: January '24 Release (1.22) and lower
- Duo Security Two Factor Authentication/Multi-Factor Authentication (2FA/MFA)
- Google Authenticator (2FA/MFA)
- MSSP org
Symptoms
- Attempts to disable 2FA/MFA fail, resulting in error
There was an error disabling authentication.
Request failed with status code 400
- Details of error in Developer Tools or Web Inspector
{
"success" : false,
"message" : "MSSP orgs are not allowed to disable 2fa"
}
Cause
Previously, once 2FA/MFA has been enabled on an MSSP organization, it could not be disabled without the assistance of VMware Carbon Black Support.
Resolution
This is has been reported to have been resolved in EA-18840/DSER-34761 which was released with the February '24 console release (1.23)
Additional Notes
- See more details in the console release notes under DSER-34761
- Best practice is to open a secondary browser window when enabling either 2FA/MFA or SAML/SSO to allow for changes to be made to those settings until login is successful
Related Content