Hi,
we are alos having the problem with OAuth2 and Office365.
We always get 2 BAD User is authenticated but not connected
We have configured everythin in Znuny and in Azure.
@Roy you wrote that the solution is to authenticate the token with user credentials and password.
Can you tell us how this can be done?
We are unsing Znuny v6.4.3
Problem connecting to O365 / Exchange /Azure
Moderator: crythias
-
- Moderator
- Posts: 393
- Joined: 30 Jan 2008, 02:26
- Znuny Version: All of them ^^
- Real Name: Hannes
- Company: Znuny|OTTERHUB
Re: Problem connecting to O365 / Exchange /Azure
Hi,
I split the topic from: viewtopic.php?t=41126
please post some information about what you have done and how.
As detailed as possible.
- What permission did you set in Azure
- Is the user, you use to authenticate allowed to read the mailbox
- What is the log error message in Znuny
...
Regards
I split the topic from: viewtopic.php?t=41126
please post some information about what you have done and how.
As detailed as possible.
- What permission did you set in Azure
- Is the user, you use to authenticate allowed to read the mailbox
- What is the log error message in Znuny
...
Regards
Re: Problem connecting to O365 / Exchange /Azure
Hi,
here are some more information what we did so far.
We testet everything with a user mail account and with a functional mail account.
- registered an application in Azure portal.
- granted the rights:
- https://outlook.office.com/IMAP.AccessAsUser.All
- https://outlook.office.com/POP.AccessAsUser.All
- https://outlook.office.com/SMTP.Send offline_access
- added an OAuth2 token configuration in Znuny
- added client-id, client-secred and all needed URLs for authentication code and refresh token
- created an PostMaster Mail account in Znuny
- Type: IMAPS
- Authentication type: OAuht2 token
- Host: outlook.office365.com
- IMAP Folder: INBOX
We get the following error message in Znuny:
If you need more information pleas let me know.
- Robert
here are some more information what we did so far.
We testet everything with a user mail account and with a functional mail account.
- registered an application in Azure portal.
- granted the rights:
- https://outlook.office.com/IMAP.AccessAsUser.All
- https://outlook.office.com/POP.AccessAsUser.All
- https://outlook.office.com/SMTP.Send offline_access
- added an OAuth2 token configuration in Znuny
- added client-id, client-secred and all needed URLs for authentication code and refresh token
- created an PostMaster Mail account in Znuny
- Type: IMAPS
- Authentication type: OAuht2 token
- Host: outlook.office365.com
- IMAP Folder: INBOX
We get the following error message in Znuny:
Code: Select all
[root]# su -c "./otrs.Console.pl Maint::PostMaster::MailAccountFetch --debug --mail-account-id 22" -s /bin/bash otrs
Spawning child process to fetch incoming messages from mail accounts...
outlook.office365.com (IMAPS)...
IMAPS: Connection to outlook.office365.com closed.
Started at Tue Sep 27 06:54:01 2022
Using Mail::IMAPClient version 3.37 on perl 5.016003
Connecting with IO::Socket::SSL PeerAddr outlook.office365.com PeerPort 993 Proto tcp Timeout 600 Debug 1 SSL_verify_mode 0
Connected to outlook.office365.com
Read: * OK The Microsoft Exchange IMAP4 service is ready. [XYZ]
Sending: 1 AUTHENTICATE XOAUTH2
Sent 24 bytes
Read: +
Sending: xzy
Sent 3138 bytes
Read: 1 OK AUTHENTICATE completed.
Sending: 2 SELECT Inbox
Sent 16 bytes
Read: 2 BAD User is authenticated but not connected.
ERROR: 2 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1364.
Mail::IMAPClient::__ANON__('2 BAD User is authenticated but not connected.\x{d}\x{a}') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1400
Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 2, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 845
Mail::IMAPClient::select('Mail::IMAPClient=HASH(0x45a27f0)', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
Kernel::System::MailAccount::IMAP::__ANON__('select', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 331
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 345
Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: 2 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1274.
Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'SELECT Inbox') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 845
Mail::IMAPClient::select('Mail::IMAPClient=HASH(0x45a27f0)', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
Kernel::System::MailAccount::IMAP::__ANON__('select', 'Inbox') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 331
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 345
Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: OTRS-otrs.Console.pl-Maint::PostMaster::MailAccountFetch-10 Perl: 5.16.3 OS: linux Time: Tue Sep 27 08:54:02 2022
Message: Error while retrieving the messages 'IMAPS': Could not select:
Traceback (7348):
Module: Kernel::System::MailAccount::IMAP::_Fetch Line: 347
Module: Kernel::System::MailAccount::IMAP::Fetch Line: 157
Module: Kernel::System::MailAccount::MailAccountFetch Line: 649
Module: (eval) Line: 170
Module: Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run Line: 162
Module: (eval) Line: 460
Module: Kernel::System::Console::BaseCommand::Execute Line: 454
Module: Kernel::System::Console::InterfaceConsole::Run Line: 81
Module: ./otrs.Console.pl Line: 37
Sending: 3 CLOSE
Sent 9 bytes
Read: 3 BAD User is authenticated but not connected.
* BYE Connection closed. 14
ERROR: 3 BAD User is authenticated but not connected. at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1364.
Mail::IMAPClient::__ANON__('3 BAD User is authenticated but not connected.\x{d}\x{a}') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1400
Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 3, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: * BYE Connection closed. 14 at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1415.
Mail::IMAPClient::_get_response('Mail::IMAPClient=HASH(0x45a27f0)', 3, undef) called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1326
Mail::IMAPClient::_imap_command_do('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1225
Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
ERROR: * BYE Connection closed. 14 at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 1274.
Mail::IMAPClient::_imap_command('Mail::IMAPClient=HASH(0x45a27f0)', 'CLOSE') called at /usr/share/perl5/vendor_perl/Mail/IMAPClient.pm line 2289
Mail::IMAPClient::close('Mail::IMAPClient=HASH(0x45a27f0)') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 301
eval {...} called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 305
Kernel::System::MailAccount::IMAP::__ANON__('close') called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 521
Kernel::System::MailAccount::IMAP::_Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount/IMAP.pm line 157
Kernel::System::MailAccount::IMAP::Fetch('Kernel::System::MailAccount::IMAPS=HASH(0x371fad8)', 'ID', 22, 'ValidID', 1, 'UserID', 1, 'QueueID', 25, ...) called at /opt/otrs/Kernel/System/MailAccount.pm line 649
Kernel::System::MailAccount::MailAccountFetch('Kernel::System::MailAccount=HASH(0x365c6d8)', 'ChangeTime', '2022-09-26 16:03:08', 'ID', 22, 'ValidID', 1, 'CreateTime', '2022-09-15 09:14:48', ...) called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 170
eval {...} called at /opt/otrs/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 162
Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...') called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 460
eval {...} called at /opt/otrs/Kernel/System/Console/BaseCommand.pm line 454
Kernel::System::Console::BaseCommand::Execute('Kernel::System::Console::Command::Maint::PostMaster::MailAcco...', '--debug', '--mail-account-id', 22) called at /opt/otrs/Kernel/System/Console/InterfaceConsole.pm line 81
Kernel::System::Console::InterfaceConsole::Run('Kernel::System::Console::InterfaceConsole=HASH(0xcea1a8)', 'Maint::PostMaster::MailAccountFetch', '--debug', '--mail-account-id', 22) called at ./otrs.Console.pl line 37
Done.
- Robert
-
- Moderator
- Posts: 393
- Joined: 30 Jan 2008, 02:26
- Znuny Version: All of them ^^
- Real Name: Hannes
- Company: Znuny|OTTERHUB
Re: Problem connecting to O365 / Exchange /Azure
Hi Robert,
my guess is that the user, which authenticates in Znuny is not allowed to access the mailbox.
First: Please check if IMAP is enabled for the mailbox you want to fetch.
Second: The user which provides the consent -> The popup you get when requesting a new token, does not have the needed permission to access the mailbox.
It often happens that the user from your current windows login is used (which might be yours). But the user is not allowed to access the actual mailbox content. If your user does not have the proper permissions you need to switch or use the "private mode" and use your "technical" user in your browser.
Third: We recommend to use the GRAPH API not the old ones Regards
my guess is that the user, which authenticates in Znuny is not allowed to access the mailbox.
First: Please check if IMAP is enabled for the mailbox you want to fetch.
Second: The user which provides the consent -> The popup you get when requesting a new token, does not have the needed permission to access the mailbox.
It often happens that the user from your current windows login is used (which might be yours). But the user is not allowed to access the actual mailbox content. If your user does not have the proper permissions you need to switch or use the "private mode" and use your "technical" user in your browser.
Third: We recommend to use the GRAPH API not the old ones Regards
You do not have the required permissions to view the files attached to this post.
Re: Problem connecting to O365 / Exchange /Azure
Hi Johannes,
thanks for your reply.
The only difference is, that we are using Type Delegated and not Type Application.
When we want to use Application it says that this is not allowed in our company.
Could this be the problem, that we must use Type Application?
- Robert
thanks for your reply.
I will chek that IMAP is enabled for our mailbox but i must wait on a colleague to do this.First: Please check if IMAP is enabled for the mailbox you want to fetch.
I use the correct user and i also tried it in "private mode". When the login form shows up I am logging in with the correct user and then it asks me if it is ok to give permission to the IMAP.AccessAsUser.ALL, etc rights.Second: The user which provides the consent -> The popup you get when...
We are using the GRAPH API.Third: We recommend to use the GRAPH API not the old ones
The only difference is, that we are using Type Delegated and not Type Application.
When we want to use Application it says that this is not allowed in our company.
Could this be the problem, that we must use Type Application?
- Robert
Re: Problem connecting to O365 / Exchange /Azure
Hi,
sorry for my late post. I was bussy the last few days.
We solved our problem.
As you already mentioned the problem was that IMAP was not enabled for that mailbox.
sorry for my late post. I was bussy the last few days.
We solved our problem.
As you already mentioned the problem was that IMAP was not enabled for that mailbox.
-
- Znuny newbie
- Posts: 10
- Joined: 16 Aug 2022, 15:38
- Znuny Version: 6.3
- Real Name: Werner Murnau
Re: Problem connecting to O365 / Exchange /Azure
Hi,
what is the minimum version which provides the usage of Graph API? We do not want to use IMAPS anymore.
Thanks.
what is the minimum version which provides the usage of Graph API? We do not want to use IMAPS anymore.
Thanks.
-
- Administrator
- Posts: 4002
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: Problem connecting to O365 / Exchange /Azure
Hi,
Only POP3 and IMAP (and their variants) are available to fetch e-mails. Fetching with the Graph API is not implemented yet and not planned.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?