Hello Commvault Community!
I would like to ask you about the topic of Multi-factor authentication Commvault.
First Question:
Is it possible in MFA to block the sending of e-mails with one-time codes, apart from sending the first e-mail with the code to the authentication application?
I guess the solution to the problem should be to disable MFA for specific users, but then that user won't be protected anymore, right? In the case of MFA, it is not possible to send the authentication code once, and then it would not be needed again to log in correctly, I think right?
Second Question:
The client has two accounts in Active Directory:
- One - regular user, with a mailbox (adam_johnson@abc.com.pl) - logging in via MFA works fine
- The second - which has administrator permissions (also in Commvault) - this account hasn’t mailbox (however, it has the email address adm.ajohson@abc.com.pl). An alias has been set up in Exchange and e-mails sent to adm.ajohnson@abc.com.pl are forwarded to adam.johnson@abc.com.pl. The test e-mail sent from Commvault to the address adm.ajohnson@abc.com.pl reaches correctly to the e-mail adam_johnson@abc.com.pl. After enabling MFA in CommCell and trying to log in to the account with the alias adm.ajohnson@abc.com.pl, I have an error as in the attachment.
If there is an e-mail address in the usera field (e.g. xxx@abc.pl), everything is fine. However, when the User Mail field contains an address that is an alias to the mailbox (i.e. the address alias.xxx@abc.pl, which is forwarded to xxx@abc.pl), Commvault throws an error message when sending an email with authentication codes. I would like to add that messages delivered to an alias address work without any problems.
I am asking for help and for information whether this is the correct behavior or should give MFA access to the account with the alias without any problems.
Thanks&Regards,
Kamil