Steps to fix two factor auth setup error

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Steps to fix two factor auth setup error


Problem:

Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.

"Error! Enter code again to confirm setup"


Solution:

We need to increase time windows offset limit for two factor authentication. 

su - zimbra
zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
zmprov fc -a all

Note: If you still get same error with 15 then increase offset upto 30.


Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset

   Determines the number of windows to check when trying to validate a
   TOTP code (NOW-n through NOW+n). This number should typically be
   small, but a minimum value of 1 is usually necessary to account for
   network latency and clock drift. See also:
   zimbraTwoFactorTimeWindowLength and
   https://tools.ietf.org/html/rfc6238#section-5.2

              type : integer
             value :
          callback :
         immutable : false
       cardinality : single
        requiredIn :
        optionalIn : globalConfig
             flags :
          defaults : 1
               min : 1
               max :
                id : 1830
   requiresRestart :
             since : 8.7.0,9.0.0
   deprecatedSince :
Retrieved from "http://wiki.zimbra.com/index.php?title=Steps_to_fix_two_factor_auth_setup_error&oldid=63899"
Jump to: navigation, search