Difference between revisions of "Steps to fix two factor auth setup error"
(Created page with "=== <h1>Steps_to_fix_two_factor_auth_setup_error</h1> === <hr> <br> <h2>Problem: </h2> Unable to configure two factor auth for the user and getting following error while ente...") |
|||
| Line 1: | Line 1: | ||
| − | === <h1> | + | === <h1>Steps to fix two factor auth setup error</h1> === |
<hr> | <hr> | ||
<br> | <br> | ||
| Line 6: | Line 6: | ||
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup. | Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup. | ||
| − | "Error! Enter code again to confirm setup" | + | <code>"Error! Enter code again to confirm setup"</code> |
| Line 12: | Line 12: | ||
We need to increase time windows offset limit for two factor authentication. | We need to increase time windows offset limit for two factor authentication. | ||
| − | + | su - zimbra | |
| − | zmprov mcf zimbraTwoFactorTimeWindowOffset 15 | + | zmprov mcf zimbraTwoFactorTimeWindowOffset 15 |
| − | zmprov fc -a all | + | zmprov fc -a all |
| − | |||
'''Note: ''' | '''Note: ''' | ||
If you still get same error with 15 then increase offset upto 30. 30 is maximum limit. | If you still get same error with 15 then increase offset upto 30. 30 is maximum limit. | ||
| + | |||
| + | |||
| + | ===== Attribute Description: ===== | ||
| + | zmprov desc -a zimbraTwoFactorTimeWindowOffset | ||
| + | |||
| + | Determines the number of windows to check when trying to validate a | ||
| + | TOTP code (NOW-n through NOW+n). This number should typically be | ||
| + | small, but a minimum value of 1 is usually necessary to account for | ||
| + | network latency and clock drift. See also: | ||
| + | zimbraTwoFactorTimeWindowLength and | ||
| + | https://tools.ietf.org/html/rfc6238#section-5.2 | ||
| + | |||
| + | type : integer | ||
| + | value : | ||
| + | callback : | ||
| + | immutable : false | ||
| + | cardinality : single | ||
| + | requiredIn : | ||
| + | optionalIn : globalConfig | ||
| + | flags : | ||
| + | defaults : 1 | ||
| + | min : 1 | ||
| + | max : | ||
| + | id : 1830 | ||
| + | requiresRestart : | ||
| + | since : 8.7.0,9.0.0 | ||
| + | deprecatedSince : | ||
Revision as of 05:51, 19 August 2017
Contents
Steps to fix two factor auth setup error
Problem:
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.
"Error! Enter code again to confirm setup"
Solution:
We need to increase time windows offset limit for two factor authentication.
su - zimbra zmprov mcf zimbraTwoFactorTimeWindowOffset 15 zmprov fc -a all
Note: If you still get same error with 15 then increase offset upto 30. 30 is maximum limit.
Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset Determines the number of windows to check when trying to validate a TOTP code (NOW-n through NOW+n). This number should typically be small, but a minimum value of 1 is usually necessary to account for network latency and clock drift. See also: zimbraTwoFactorTimeWindowLength and https://tools.ietf.org/html/rfc6238#section-5.2 type : integer value : callback : immutable : false cardinality : single requiredIn : optionalIn : globalConfig flags : defaults : 1 min : 1 max : id : 1830 requiresRestart : since : 8.7.0,9.0.0 deprecatedSince :
