Problem connecting to O365 / Exchange /Azure

Moderator: crythias

Post Reply
rs1
Znuny newbie
Posts: 4
Joined: 26 Sep 2022, 15:16
Znuny Version: 6.4.3
Real Name: Robert

Problem connecting to O365 / Exchange /Azure

Post by rs1 »

Hi,

we are alos having the problem with OAuth2 and Office365.
We always get 2 BAD User is authenticated but not connected
We have configured everythin in Znuny and in Azure.

@Roy you wrote that the solution is to authenticate the token with user credentials and password.
Can you tell us how this can be done?

We are unsing Znuny v6.4.3
Johannes
Moderator
Posts: 391
Joined: 30 Jan 2008, 02:26
Znuny Version: All of them ^^
Real Name: Hannes
Company: Znuny|OTTERHUB

Re: Problem connecting to O365 / Exchange /Azure

Post by Johannes »

Hi,
I split the topic from: viewtopic.php?t=41126

please post some information about what you have done and how.
As detailed as possible.
- What permission did you set in Azure
- Is the user, you use to authenticate allowed to read the mailbox
- What is the log error message in Znuny
...

Regards
rs1
Znuny newbie
Posts: 4
Joined: 26 Sep 2022, 15:16
Znuny Version: 6.4.3
Real Name: Robert

Re: Problem connecting to O365 / Exchange /Azure

Post by rs1 »

Hi,

here are some more information what we did so far.

We testet everything with a user mail account and with a functional mail account.

- registered an application in Azure portal.
- granted the rights:
- https://outlook.office.com/IMAP.AccessAsUser.All
- https://outlook.office.com/POP.AccessAsUser.All
- https://outlook.office.com/SMTP.Send offline_access

- added an OAuth2 token configuration in Znuny
- added client-id, client-secred and all needed URLs for authentication code and refresh token

- created an PostMaster Mail account in Znuny
- Type: IMAPS
- Authentication type: OAuht2 token
- Host: outlook.office365.com
- IMAP Folder: INBOX

We get the following error message in Znuny:

Code: Select all

[root]# su -c "./otrs.Console.pl Maint::PostMaster::MailAccountFetch --debug --mail-account-id 22" -s /bin/bash otrs

Spawning child process to fetch incoming messages from mail accounts...

outlook.office365.com (IMAPS)...
IMAPS: Connection to outlook.office365.com closed.

Started at Tue Sep 27 06:54:01 2022
Using Mail::IMAPClient version 3.37 on perl 5.016003
Connecting with IO::Socket::SSL PeerAddr outlook.office365.com PeerPort 993 Proto tcp Timeout 600 Debug 1 SSL_verify_mode 0
Connected to outlook.office365.com
Read: 	* OK The Microsoft Exchange IMAP4 service is ready. [XYZ]
Sending: 1 AUTHENTICATE XOAUTH2
Sent 24 bytes
Read: 	+
Sending: xzy
Sent 3138 bytes
Read: 	1 OK AUTHENTICATE completed.
Sending: 2 SELECT Inbox
Sent 16 bytes
Read: 	2 BAD User is authenticated but not connected.
ERROR: 2 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1364.
	Mail::IMAPClient::__ANON__('2 BAD User is authenticated but not connected.\x{d}\x{a}') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1400
	Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 2, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
	Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
	Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 845
	Mail::IMAPClient::select('Mail::IMAPClient=HASH(0x45a27f0)', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
	Kernel::System::MailAccount::IMAP::__ANON__('select', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 331
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 345
	Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
	Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
	Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
	eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
	Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
	eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
	Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
	Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: 2 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1274.
	Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 845
	Mail::IMAPClient::select('Mail::IMAPClient=HASH(0x45a27f0)', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
	Kernel::System::MailAccount::IMAP::__ANON__('select', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 331
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 345
	Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
	Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
	Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
	eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
	Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
	eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
	Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
	Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: OTRS-otrs.Console.pl-Maint::PostMaster::MailAccountFetch-10 Perl: 5.16.3 OS: linux Time: Tue Sep 27 08:54:02 2022

 Message: Error while retrieving the messages 'IMAPS': Could not select:


 Traceback (7348):
   Module: Kernel::System::MailAccount::IMAP::_Fetch Line: 347
   Module: Kernel::System::MailAccount::IMAP::Fetch Line: 157
   Module: Kernel::System::MailAccount::MailAccountFetch Line: 649
   Module: (eval) Line: 170
   Module: Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run Line: 162
   Module: (eval) Line: 460
   Module: Kernel::System::Console::BaseCommand::Execute Line: 454
   Module: Kernel::System::Console::InterfaceConsole::Run Line: 81
   Module: ./otrs.Console.pl Line: 37

Sending: 3 CLOSE
Sent 9 bytes
Read: 	3 BAD User is authenticated but not connected.
  	* BYE Connection closed. 14
ERROR: 3 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1364.
	Mail::IMAPClient::__ANON__('3 BAD User is authenticated but not connected.\x{d}\x{a}') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1400
	Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 3, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
	Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
	Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
	Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
	Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
	Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
	Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
	Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
	eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
	Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
	eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
	Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
	Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: * BYE Connection closed. 14 at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1415.
	Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 3, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
	Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
	Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
	Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
	Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
	Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
	Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
	Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
	eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
	Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
	eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
	Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
	Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: * BYE Connection closed. 14 at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1274.
	Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
	Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
	eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
	Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
	Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
	Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
	Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
	eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
	Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
	eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
	Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
	Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
Done.
If you need more information pleas let me know.

- Robert
Johannes
Moderator
Posts: 391
Joined: 30 Jan 2008, 02:26
Znuny Version: All of them ^^
Real Name: Hannes
Company: Znuny|OTTERHUB

Re: Problem connecting to O365 / Exchange /Azure

Post by Johannes »

Hi Robert,

my guess is that the user, which authenticates in Znuny is not allowed to access the mailbox.

First: Please check if IMAP is enabled for the mailbox you want to fetch.
Second: The user which provides the consent -> The popup you get when requesting a new token, does not have the needed permission to access the mailbox.
It often happens that the user from your current windows login is used (which might be yours). But the user is not allowed to access the actual mailbox content. If your user does not have the proper permissions you need to switch or use the "private mode" and use your "technical" user in your browser.
Third: We recommend to use the GRAPH API not the old ones
Mattermost Desktop App 2022-09-27 17-05-20.png
Regards
You do not have the required permissions to view the files attached to this post.
rs1
Znuny newbie
Posts: 4
Joined: 26 Sep 2022, 15:16
Znuny Version: 6.4.3
Real Name: Robert

Re: Problem connecting to O365 / Exchange /Azure

Post by rs1 »

Hi Johannes,

thanks for your reply.
First: Please check if IMAP is enabled for the mailbox you want to fetch.
I will chek that IMAP is enabled for our mailbox but i must wait on a colleague to do this.
Second: The user which provides the consent -> The popup you get when...
I use the correct user and i also tried it in "private mode". When the login form shows up I am logging in with the correct user and then it asks me if it is ok to give permission to the IMAP.AccessAsUser.ALL, etc rights.
Third: We recommend to use the GRAPH API not the old ones
We are using the GRAPH API.
The only difference is, that we are using Type Delegated and not Type Application.
When we want to use Application it says that this is not allowed in our company.
Could this be the problem, that we must use Type Application?

- Robert
rs1
Znuny newbie
Posts: 4
Joined: 26 Sep 2022, 15:16
Znuny Version: 6.4.3
Real Name: Robert

Re: Problem connecting to O365 / Exchange /Azure

Post by rs1 »

Hi,

sorry for my late post. I was bussy the last few days.

We solved our problem.
As you already mentioned the problem was that IMAP was not enabled for that mailbox.
WernerM
Znuny newbie
Posts: 10
Joined: 16 Aug 2022, 15:38
Znuny Version: 6.3
Real Name: Werner Murnau

Re: Problem connecting to O365 / Exchange /Azure

Post by WernerM »

Hi,

what is the minimum version which provides the usage of Graph API? We do not want to use IMAPS anymore.

Thanks.
root
Administrator
Posts: 3934
Joined: 18 Dec 2007, 12:23
Znuny Version: Znuny and Znuny LTS
Real Name: Roy Kaldung
Company: Znuny
Contact:

Re: Problem connecting to O365 / Exchange /Azure

Post by root »

WernerM wrote: 18 Oct 2022, 18:35 what is the minimum version which provides the usage of Graph API? We do not want to use IMAPS anymore.
Hi,

Only POP3 and IMAP (and their variants) are available to fetch e-mails. Fetching with the Graph API is not implemented yet and not planned.

- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO

Use a test system - always.

Do you need professional services? Check out https://www.znuny.com/

Do you want to contribute or want to know where it goes ?
Post Reply