Steps to fix two factor auth setup error: Difference between revisions

No edit summary
No edit summary
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
=== <h1>Steps to fix two factor auth setup error</h1> ===
{{BC|Certified}}
__FORCETOC__
<div class="col-md-12 ibox-content">
=Two factor auth error due to mismatched codes=  
<hr>
<hr>
<br>
{{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 8.7}}||}}


<h2>Problem: </h2>
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup. 


<code>"Error! Enter code again to confirm setup"</code>
====Problem====
Unable to configure two factor authentication for the user because of the following error when entering 6 digit code during setup


[[File:2FA_Error.PNG]]


<h2>Solution: </h2>
We need to increase time windows offset limit for two factor authentication. 


====Solution====
We need to increase time windows offset limit for two factor authentication
  su - zimbra
  su - zimbra
  zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
  zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
Line 17: Line 20:


'''Note: '''  
'''Note: '''  
If you still get same error with 15 then increase offset upto 30.  30 is maximum limit.
If you still get same error with 15 then increase offset upto 30.   




Line 45: Line 48:
               since : 8.7.0,9.0.0
               since : 8.7.0,9.0.0
     deprecatedSince :
     deprecatedSince :
{| class="wikitable" style="background-color:#d0f0c0;" cellpadding="10"
|'''Submitted by''':  Heera Singh Koranga
|}
{{Article Footer|ZCS 8.8, 8.7 |2017-08-23}}

Latest revision as of 14:13, 31 August 2018

Two factor auth error due to mismatched codes


   KB 23359        Last updated on 2018-08-31  




0.00
(0 votes)


Problem

Unable to configure two factor authentication for the user because of the following error when entering 6 digit code during setup.

2FA Error.PNG


Solution

We need to increase time windows offset limit for two factor authentication

su - zimbra
zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
zmprov fc -a all

Note: If you still get same error with 15 then increase offset upto 30.


Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset

   Determines the number of windows to check when trying to validate a
   TOTP code (NOW-n through NOW+n). This number should typically be
   small, but a minimum value of 1 is usually necessary to account for
   network latency and clock drift. See also:
   zimbraTwoFactorTimeWindowLength and
   https://tools.ietf.org/html/rfc6238#section-5.2

              type : integer
             value :
          callback :
         immutable : false
       cardinality : single
        requiredIn :
        optionalIn : globalConfig
             flags :
          defaults : 1
               min : 1
               max :
                id : 1830
   requiresRestart :
             since : 8.7.0,9.0.0
   deprecatedSince :


Submitted by: Heera Singh Koranga
Verified Against: ZCS 8.8, 8.7 Date Created: 2017-08-23
Article ID: https://wiki.zimbra.com/index.php?title=Steps_to_fix_two_factor_auth_setup_error Date Modified: 2018-08-31



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Jump to: navigation, search