Issues with Synology DSM on latest HassIO 0.117.0?

Hi,

I use to have the integration work without issues, and then recently I noticed that the camera feeds weren’t working, so then I decided to delete and recreate the integration, only to be greeted with more problems (basically zero entities are showing). I know prior to 0.117.0 my synology integration was working and the camera streams were visible to HA and all the relating entities populated.

Also in the logs I get greeted with the errors below:

* Error setting up entry myDSMserver.com for synology_dsm
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 234, in async_setup
    result = await component.async_setup_entry(hass, self)  # type: ignore
  File "/usr/src/homeassistant/homeassistant/components/synology_dsm/__init__.py", line 168, in async_setup_entry
    await api.async_setup()
  File "/usr/src/homeassistant/homeassistant/components/synology_dsm/__init__.py", line 262, in async_setup
    await self._hass.async_add_executor_job(
  File "/usr/local/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/local/lib/python3.8/site-packages/synology_dsm/synology_dsm.py", line 160, in login
    raise switcher.get(
synology_dsm.exceptions.SynologyDSMLogin2SAFailedException: {'api': 'SYNO.API.Auth', 'code': 404, 'reason': 'One time password authenticate failed', 'details': 'Two-step authentication failed, retry with a new pass code'}

I’ve tried to recreate the integration a few times with no luck. If anyone has any ideas, that would be great.

Having the same issue - camera streams from Synology are not working post .117 update.

Hi,

I was poking around github for HA, and noticed this:

Do you use 2FA for your DSM?

To be honest, I’ve tested on two systems and all is working as expected.
Do you use two factor authentication? Error above is because of it:

It’s clear to me that it’s a 2FA issue, but I’d rather not have an admin account without 2FA. So the question is why this suddenly stopped working. Any way to enter the 2FA code again? I got prompted the code when I added the integration the first time.

Might not be a Home Assistant issue, but having to re-enter the 2FA code every few days or whatever seem to be a huge flaw.

edit: For now I’ve made a special Home Assistant admin account, and I had to disable the ‘enforce 2FA For admins’ in my DSM config. Doesn’t feel great, but might be the easiest work-around for now.

@Gerben321 glad to hear that it’s just a 2FA issue. The question is how much permissions you provided for that non 2fa account for the entities to properly show up?

Yea I am not too hot about not having 2FA as security these days is sooo important.

Well, it has to be an account in the administrator group, so it has loads of rights. You can take away some apps from the account, but in theory it can still manage your whole NAS as far as I know. So I really don’t like to keep this as a permanent solution.

Thanks for the info, clearly I am in the same boat as you in terms of concern, as setting up an admin account without 2fa is no fun. Let’s hope the devs figure out the issue.

But you did limit access to everything? It’s possible to have admin (group) account and make it so it can’t access and service.

well… In my case I create a specific user which will have no access to anywhere and since my Synology dont have outside access then 2FA should not be implemented.

Exactly what I’ve done with mine too.

Although of course as the account is an admin account, even if you limit/deny access to everything, it has the capability itself to go in and re-enable access again for itself.

So it’s a temporary solution, but 2FA is still needed to work again long-term.

True, that’s why there is issue on GitHub to get this fixed and this is currently workaround.
And if you remember, 2FA was only added recently since it was not supported before new Synology DSM integration (if I remember correctly).

Hi All, the latest 0.117.3 update fixes the 2FA issue. I’ve tested it personally.