Steps to fix two factor auth setup error: Difference between revisions
(Created page with "=== <h1>Steps_to_fix_two_factor_auth_setup_error</h1> === <hr> <br> <h2>Problem: </h2> Unable to configure two factor auth for the user and getting following error while ente...") |
No edit summary |
||
Line 1: | Line 1: | ||
=== <h1> | === <h1>Steps to fix two factor auth setup error</h1> === | ||
<hr> | <hr> | ||
<br> | <br> | ||
Line 6: | Line 6: | ||
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup. | Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup. | ||
"Error! Enter code again to confirm setup" | <code>"Error! Enter code again to confirm setup"</code> | ||
Line 12: | Line 12: | ||
We need to increase time windows offset limit for two factor authentication. | We need to increase time windows offset limit for two factor authentication. | ||
su - zimbra | |||
zmprov mcf zimbraTwoFactorTimeWindowOffset 15 | zmprov mcf zimbraTwoFactorTimeWindowOffset 15 | ||
zmprov fc -a all | zmprov fc -a all | ||
'''Note: ''' | '''Note: ''' | ||
If you still get same error with 15 then increase offset upto 30. 30 is maximum limit. | If you still get same error with 15 then increase offset upto 30. 30 is maximum limit. | ||
===== Attribute Description: ===== | |||
zmprov desc -a zimbraTwoFactorTimeWindowOffset | |||
Determines the number of windows to check when trying to validate a | |||
TOTP code (NOW-n through NOW+n). This number should typically be | |||
small, but a minimum value of 1 is usually necessary to account for | |||
network latency and clock drift. See also: | |||
zimbraTwoFactorTimeWindowLength and | |||
https://tools.ietf.org/html/rfc6238#section-5.2 | |||
type : integer | |||
value : | |||
callback : | |||
immutable : false | |||
cardinality : single | |||
requiredIn : | |||
optionalIn : globalConfig | |||
flags : | |||
defaults : 1 | |||
min : 1 | |||
max : | |||
id : 1830 | |||
requiresRestart : | |||
since : 8.7.0,9.0.0 | |||
deprecatedSince : |
Revision as of 05:51, 19 August 2017
Steps to fix two factor auth setup error
Problem:
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.
"Error! Enter code again to confirm setup"
Solution:
We need to increase time windows offset limit for two factor authentication.
su - zimbra zmprov mcf zimbraTwoFactorTimeWindowOffset 15 zmprov fc -a all
Note: If you still get same error with 15 then increase offset upto 30. 30 is maximum limit.
Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset Determines the number of windows to check when trying to validate a TOTP code (NOW-n through NOW+n). This number should typically be small, but a minimum value of 1 is usually necessary to account for network latency and clock drift. See also: zimbraTwoFactorTimeWindowLength and https://tools.ietf.org/html/rfc6238#section-5.2 type : integer value : callback : immutable : false cardinality : single requiredIn : optionalIn : globalConfig flags : defaults : 1 min : 1 max : id : 1830 requiresRestart : since : 8.7.0,9.0.0 deprecatedSince :