Steps to fix two factor auth setup error: Difference between revisions

No edit summary
No edit summary
 
(2 intermediate revisions by 2 users not shown)
Line 2: Line 2:
__FORCETOC__
__FORCETOC__
<div class="col-md-12 ibox-content">
<div class="col-md-12 ibox-content">
===Steps to fix two factor auth setup error===
=Two factor auth error due to mismatched codes=  
{{WIP}}
<hr>
{{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 8.7}}||}}
 


====Problem====
====Problem====
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.   
Unable to configure two factor authentication for the user because of the following error when entering 6 digit code during setup.   


<code>"Error! Enter code again to confirm setup"</code>
[[File:2FA_Error.PNG]]




====Solution====
====Solution====
We need to increase time windows offset limit for two factor authentication
We need to increase time windows offset limit for two factor authentication
 
  su - zimbra
  su - zimbra
  zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
  zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
Line 49: Line 50:




This [https://www.mediawiki.org/wiki/Help:Formatting external link] contains more information about formatting.


Submitted by:  Heera Singh Koranga
{| class="wikitable" style="background-color:#d0f0c0;" cellpadding="10"
|'''Submitted by''':  Heera Singh Koranga
|}
 
{{Article Footer|ZCS 8.8, 8.7 |2017-08-23}}

Latest revision as of 14:13, 31 August 2018

Two factor auth error due to mismatched codes


   KB 23359        Last updated on 2018-08-31  




0.00
(0 votes)


Problem

Unable to configure two factor authentication for the user because of the following error when entering 6 digit code during setup.

2FA Error.PNG


Solution

We need to increase time windows offset limit for two factor authentication

su - zimbra
zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
zmprov fc -a all

Note: If you still get same error with 15 then increase offset upto 30.


Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset

   Determines the number of windows to check when trying to validate a
   TOTP code (NOW-n through NOW+n). This number should typically be
   small, but a minimum value of 1 is usually necessary to account for
   network latency and clock drift. See also:
   zimbraTwoFactorTimeWindowLength and
   https://tools.ietf.org/html/rfc6238#section-5.2

              type : integer
             value :
          callback :
         immutable : false
       cardinality : single
        requiredIn :
        optionalIn : globalConfig
             flags :
          defaults : 1
               min : 1
               max :
                id : 1830
   requiresRestart :
             since : 8.7.0,9.0.0
   deprecatedSince :


Submitted by: Heera Singh Koranga
Verified Against: ZCS 8.8, 8.7 Date Created: 2017-08-23
Article ID: https://wiki.zimbra.com/index.php?title=Steps_to_fix_two_factor_auth_setup_error Date Modified: 2018-08-31



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Jump to: navigation, search