Steps to fix two factor auth setup error

Revision as of 01:00, 31 July 2018 by Sujit (talk | contribs)

Steps to fix two factor auth setup error

   KB 23359        Last updated on 2018-07-31  




0.00
(0 votes)


Problem

Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.

"Error! Enter code again to confirm setup"


Solution

We need to increase time windows offset limit for two factor authentication.

su - zimbra
zmprov mcf zimbraTwoFactorTimeWindowOffset 15   
zmprov fc -a all

Note: If you still get same error with 15 then increase offset upto 30.


Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset

   Determines the number of windows to check when trying to validate a
   TOTP code (NOW-n through NOW+n). This number should typically be
   small, but a minimum value of 1 is usually necessary to account for
   network latency and clock drift. See also:
   zimbraTwoFactorTimeWindowLength and
   https://tools.ietf.org/html/rfc6238#section-5.2

              type : integer
             value :
          callback :
         immutable : false
       cardinality : single
        requiredIn :
        optionalIn : globalConfig
             flags :
          defaults : 1
               min : 1
               max :
                id : 1830
   requiresRestart :
             since : 8.7.0,9.0.0
   deprecatedSince :


This external link contains more information about formatting.

Submitted by: Heera Singh Koranga
Jump to: navigation, search