How can I avoid 2FA login from intern Office location.
Can you be a bit more specific about login to where?
privacyIDEA can define policies based on the client IP. A plugin (actually RADIUS does, and SAML does) can forward the originial clients IP to the privacyIDEA server.
However, the owncloud plugin does not forward the client IP and also the way, ownCloud allows to add 2FA, does not allow to do this decision in the backend.
I think such logic would have to be implemented in the privacyIDEA ownCloud plugin.
Would you mind open a feature request issue here?