I started looking at the MFA on Command Centre and baffled as it is flawed. If my domain account has been compromised, I would be expecting the second factor to be the 2nd line of defence. But no, you can request a new pin that gets sent to your compromised domain account e-mail address. I then looked to see if I can amend my account by adding an external e-mail address, but LDAP pulls this from the domain and can not be edited. By editing the e-mail script we can omit the pin, but I think this hasn’t been thought through by Commvault, considering that backups are supposed to be the last line of defence against a cyber attack the two factor serves only to delay the time it takes for SMTP to deliver a new pin.
Page 2 / 2
Already did few months back they don't have any way apart from modifying the email template .
TFA email can be disabled using this Additional settings. If set at commcell level, it will disable for all the users that belongs to the commcell.
Name: DisableTFAEmail
Category: CommServDB.Console
Type: Boolean
value: true
TFA email can be disabled using this Additional settings. If set at commcell level, it will disable for all the users that belongs to the commcell.
Name: DisableTFAEmail
Category: CommServDB.Console
Type: Boolean
value: true
Thank you . This is working.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.