Cant' connect to Exchange (federate adfs)

[ermurenz]

Hi guys,
Hope someone can help me.
Since yesterday two mail accounts configured in my otrs instance, fail to download email.
Both accounts use outlook.office365.com as their imaps address.
The username and password are correct: access is allowed via the web and the password has not expired.
Other than is microsoft related, I don't know the infrastructure where these two accounts reside but by logging in from the web https : //outlook.office365.com/mail/, a redirect is performed to another url (like adfs.sitename.com) where you insert username and password, and after that, come back to again https : //outlook.office365.com/mail/.
(Seems some sort of sso or adfs is configured)

This is the error:

ERROR: OTRS-otrs.Console.pl-Maint::PostMaster::MailAccountFetch-10 Perl: 5.16.3 OS: linux Time: Sat Oct 22 05:53:26 2022
Message: CommunicationLog(ID:5191441,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:5849514)::Kernel::System::MailAccount::IMAP => IMAPS: Auth for user username@xxxxx.xx.xx/outlook.office365.com failed!

DEBUG:
[...System/MailAccount/IMAPS.pm line 40 in sub new] got a greeting: * OK The Microsoft Exchange IMAP4 service is ready. [WgBSADAAUAAyADcAOABDAEEQATABPAE8ASwAuAEMATwBNAA==]\r\n
[...cpan-lib/Net/IMAP/Simple.pm line 1251 in sub _send_cmd] 0 LOGIN username@xxxxx.xx.xx "xxxxxxxxx"\r\n
[...cpan-lib/Net/IMAP/Simple.pm line 265 in sub _process_cmd] 0 NO LOGIN failed.\r\n
[...cpan-lib/Net/IMAP/Simple.pm line 1276 in sub _cmd_ok] 0 NO LOGIN failed.\r\n


Our cooperative has Exchange online too (without any sort of adfs) so I added my own account for a test and had no problems (with literally the same parameters , outlook.office365.com port 993 etc).
Is there anyone who has been in a similar situation with ADFS authentication involved?

I hope I have explained.
My english sucks.

Thanks in advanced anyway.

[Bernie]

Same problem here... we are not able to receive mails via office365.com with OTRS - sending on the other side, still works. But here we tried other users but without any luck

Regards Bernie

[root]

Hi,

To both of you, check if your Office365 tenant and the used protocol basic authentication (username+password) is used and enabled. Microsoft announced the change already for a long time. There is the word that you can reenable this once per protocol, but it will be permanently disabled within the next year (January 1st, 2023).
The solution is to use modern authentication (OAuth 2), which is integrated into Znuny 6.4. If you can't upgrade for whatever reason, there is the possibility of obtaining an add-on from Znuny (for support subscribers). I do not know about other options for OTRS/Znuny.

- Roy