Reset MFA-Enabled UDP Console When TOTP is Not Available

Symptom

After the Multi-factor Authentication (MFA) login process is enabled on the UDP console, you may:

• Forget to scan QR code
• Lose your mobile device that contains an authenticator app
• Uninstall the authenticator app

Solution 1

If you are a super admin or an admin or non-admin user, contact your admin or other admin users of UDP to reset the QR code from the UDP Console.

Solution 2

If you are a super admin or admin user, you can scan the QR code image for a new TOTP using the Identity Server dashboard portal.

Follow these steps:

1. Log into the Identity Server dashboard.
2. For example: https://localhost:8012/dashboard
3. The User Portal page appears.
4. 
2. On the User Portal page, click View details.
3. The My Profile page appears.
3. On the My Profile page, under Enable TOTP, click Scan QR code to view a QR code image.
4.  
4. To generate the TOTP, scan the QR code image using an authenticator app.
5. 
5. Go to the UDP console login page, and then log in using newly generated TOTP.

Solution 3

If you are a super admin user, you can remove the existing settings completely.

Follow these steps:

1. Navigate to the …\Program Files\Arcserve\Unified Data Protection\Management\IdentityServer\repository\conf path, and then open the carbon.xml file with an editor.
2. In the carbon.xml file, comment out the HideMenuItemIds XML tags, and then save the file.
3. 
3. Restart the Arcserve UDP Identity Service.
4. Launch the User Management console. For more information, see Launch the Arcserve UDP User Management Console.
5. The Identity Service Console page appears.
5. Go to Home > Identity > Service Providers > List.
6. 
6. On the Service Providers list, for arcserve_service_provider, click Edit.
7. 
7. Expand the Local & Outbound Authentication Configuration drop-down, and then select Advanced Configuration.
8. 
9. The Advanced Configuration for arcserve_service_provider page appears.
8. On the Advanced Configuration for arcserve_service_provider page, under Authentication Step Configuration, to remove step 2, click the Delete icon.
9. 
9. Click Update to save the changes.
10. 
11. The existing settings are removed.
10. Go to the UDP login page, and then log in using the username and password.
11. Go to Settings > User Management.
12. Under the Multi-Factor Authentication section, to disable MFA, turn the Setting OFF.
13. Click Save.
14. The settings for MFA login are removed successfully.