Steps to fix two factor auth setup error
Steps to fix two factor auth setup error
- This article is a Work in Progress, and may be unfinished or missing sections.
Problem
Unable to configure two factor auth for the user and getting following error while entering 6 digit code during setup.
"Error! Enter code again to confirm setup"
Solution
We need to increase time windows offset limit for two factor authentication.
su - zimbra zmprov mcf zimbraTwoFactorTimeWindowOffset 15 zmprov fc -a all
Note: If you still get same error with 15 then increase offset upto 30.
Attribute Description:
zmprov desc -a zimbraTwoFactorTimeWindowOffset Determines the number of windows to check when trying to validate a TOTP code (NOW-n through NOW+n). This number should typically be small, but a minimum value of 1 is usually necessary to account for network latency and clock drift. See also: zimbraTwoFactorTimeWindowLength and https://tools.ietf.org/html/rfc6238#section-5.2 type : integer value : callback : immutable : false cardinality : single requiredIn : optionalIn : globalConfig flags : defaults : 1 min : 1 max : id : 1830 requiresRestart : since : 8.7.0,9.0.0 deprecatedSince :
This external link contains more information about formatting.
Submitted by: Heera Singh Koranga