Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: MSSP org unable to disable Duo or Google 2FA/MFA

Carbon Black Cloud: MSSP org unable to disable Duo or Google 2FA/MFA

Environment

  • Carbon Black Cloud console: January '24 Release (1.22) and lower
  • Duo Security Two Factor Authentication/Multi-Factor Authentication (2FA/MFA)
  • Google Authenticator (2FA/MFA)
  • MSSP org

Symptoms

  • Attempts to disable 2FA/MFA fail, resulting in error
    There was an error disabling authentication.
    Request failed with status code 400
  • Details of error in Developer Tools or Web Inspector
    {
      "success" : false,
      "message" : "MSSP orgs are not allowed to disable 2fa"
    }

Cause

Previously, once 2FA/MFA has been enabled on an MSSP organization, it could not be disabled without the assistance of VMware Carbon Black Support.

Resolution

This is has been reported to have been resolved in EA-18840/DSER-34761 which was released with the February '24 console release (1.23)

Additional Notes

  • See more details in the console release notes under DSER-34761
  • Best practice is to open a secondary browser window when enabling either 2FA/MFA or SAML/SSO to allow for changes to be made to those settings until login is successful

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
1144
Contributors