You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We had an instance of DavMail working perfectly on a server, connecting to https://outlook.office365.com/EWS/Exchange.asmx using davmail.mode=O365Modern. This worked with no issues for many months.
Recently it seems O365 is enforcing phone checks, etc. during logins. Since this happened, we get the following error trying to use DavMail:
Authentication failed: invalid user or password
Obviously this seems tied to the O365 changes.
We tried the suggested workaround:
davmail.oauth.clientId=d3590ed6-52b3-4102-aeff-aad2292ab01c
davmail.oauth.redirectUri=urn:ietf:wg:oauth:2.0:oob
...but this achieved the same result.
Is there any current workaround in this situation, where we need DavMail to run on a server with no manual interaction?
The text was updated successfully, but these errors were encountered:
boldcompany
changed the title
(O365Modern quit working) questions
(O365Modern quit working) question
Aug 28, 2023
Phone checks means you have MFA enabled, I would strongly suggest you add Microsoft Authenticator as an authentication factor on your account, SMS by phone is not secure enough.
Then switch to O365Interactive or O365Manual to validate you can authenticate with MFA
I also need to simplify the authentication modes:
EWS: for on prem Exchange
O365: EWS on O365, may have to deprecate this one, basic authentication is now disabled on (almost ?) all tenants
O365Modern: fully automated OIDC authentication, working when MFA is not enabled and used to work with MS Authenticator... however now that number matching is enforced fully transparent auth with MFA is no longer an option. You may be able to grab the number matching number in logs but this in not practical
O365Interactive: O365 authentication with embedded browser, will work with most MFAs but not when workplace join is enforced
O365Manual: Fallback for interactive authentication, use your own browser to authenticate
Phone checks means you have MFA enabled, I would strongly suggest you add Microsoft Authenticator as an authentication factor on your account, SMS by phone is not secure enough.
Isn't Microsoft Authenticator a proprietary application? I think many users are using DavMail precisely to limit their use of proprietary software.
O365Modern: fully automated OIDC authentication, working when MFA is not enabled
Do you mean that O365Modern doesn't work with MFA? Because this is contradicted by the "Is Office 365 modern authentication / MFA supported ?" section of the FAQ, which says, "O365Modern: same logic as O365Interactive, but use client provided credentials for Oauth negotiation, trigger PhoneApp MFA check transparently".
We had an instance of DavMail working perfectly on a server, connecting to https://outlook.office365.com/EWS/Exchange.asmx using davmail.mode=O365Modern. This worked with no issues for many months.
Recently it seems O365 is enforcing phone checks, etc. during logins. Since this happened, we get the following error trying to use DavMail:
Authentication failed: invalid user or password
Obviously this seems tied to the O365 changes.
We tried the suggested workaround:
davmail.oauth.clientId=d3590ed6-52b3-4102-aeff-aad2292ab01c
davmail.oauth.redirectUri=urn:ietf:wg:oauth:2.0:oob
...but this achieved the same result.
Is there any current workaround in this situation, where we need DavMail to run on a server with no manual interaction?
The text was updated successfully, but these errors were encountered: