Secure your SuiteCRM password and account data by implementing two-factor authentication with Google Authenticator.
#3881 - Enabling 2fa disables System Administrator User access
SuiteCRM Version 7.11.22 Sugar Version 6.5.25 (Build 344) Mariadb 10.6.4 CentOS 7.9.2009 php remi 7.4.24
If the user is a System Administrator User in suitecrm and 2FA is enabled, the user is demoted to a regular user on next login. The database table 'users' is changing the 'is_admin' value of 1 to 0. This occurs right after the QRcode value is entered. This is a fresh install and was not upgraded from a previous version. Forcing the database change using the following command is the current work around for the issue after the user logs in and refreshes the browser.
update users SET is_admin=1 WHERE user_name='admin';
The value is not staying set.
3 years ago
Hi Brian,
We thoroughly investigated and reviewed our code as well but we couldn't see the mentioned bug in our package. We also searched for code setting is_admin=0 bit and couldn't find anywhere in our plugin code.
Can you please give this one more try and let us know. If you still facing the issue, can you please forward system details at info@helfertech.com so that we could look into it.
Thank you.
3 years ago
I can confirm this bug on fresh installation of SuiteCRM-7.11.22. There is nothing in plugin code that can make this change so there must be something in SuiteCRM logic.
3 years ago
Do you have an escalation process through them? I know that they were initially pointing to possibly the MariaDB version. I have 10.6 and they are back on 10.3 for the supported database version. I didn't go digging into the differences, but that seems like it is a minor update. Not sure if that is the issue or not. However that does mean that it is a reproducible bug.
3 years ago
Hi Brian,
It seems bug with SuiteCRM 7.11.22 version but we adjusted our plugin code to avoid the issue. We uploaded the new version(V4) to store. Can you please install latest verion(V4) for two factor authentication and check this. We tested this on our end and it is now working poperly for admin users as well.
Let me know if you still see any issue. Thank you.
3 years ago
That worked. If you have the V3 installed, use the Module Loader to do the upgrade and not the Upgrade Wizard. Thanks for the patch.
3 years ago
I'm install V4 and now I lose my administrator, fix it pls.
3 years ago
I think when choose the option "Required for all users" your code automatic update set isadmin = 0 for all user, fix check.
3 years ago
Hi Hoang,
We are not using any query related to setting is_admin=0. There is some default suitecrm code which reverts admin status while we save any user bean. We updated most of code in version 4 to avoid that issue but there was still a conflicting code in our plugin which was causing stated issue. We fixed the issue for all scenarios and tested. Please download V5 and install that patch after uninstalling currently installed V4. It would start working then. Please let us know if there is any feedback.
Thank you.