Viewing 13 reply threads
  • Author
    Posts
    • #14013

      Hi,

      Today at around 16:00PM we started having issues with our OTOBO. It suddenly it stopped fetching emails.

      Debugging the issue using this command
      su -c “./otobo.Console.pl Maint::PostMaster::MailAccountFetch –debug” -s /bin/bash otobo

      the following error appears:

      Message: CommunicationLog(ID:32330,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:32678)::Kernel::System::MailAccount::IMAP => IMAPS: Auth for user support@example.com/outlook.office365.com failed!

      Checking communication log from the OTOBO, we can see that the last successful fetch try was at 15:30

      Additionally OTOBO version 10.0.15 (without docker) is the one we have. SMTP has been tested as well and it works without any issues (it is able to send mails). We are using Exchange Online.

      Full debug log:
      Spawning child process to fetch incoming messages from mail accounts…

      outlook.office365.com (IMAPS)…
      [… cpan-lib/Net/IMAP/Simple.pm line 133 in sub _connect] connecting to outlook.office365.com:993
      [… cpan-lib/Net/IMAP/Simple.pm line 133 in sub _connect] connected, returning socket
      [… System/MailAccount/IMAPS.pm line 52 in sub new] waiting for socket ready
      [… System/MailAccount/IMAPS.pm line 52 in sub new] looking for greeting
      [… System/MailAccount/IMAPS.pm line 52 in sub new] got a greeting: * OK The Microsoft Exchange IMAP4 service is ready. [WgBSADAAUAAyADcAOABDAEEAMAAxADgANgAuAEMASABFAFAAMgA3ADgALgBQAFIATwBEAC4ATwBVAFQATABPAE8ASwAuAEMATwBNAA==]\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1251 in sub _send_cmd] 0 LOGIN support@example.com “89^nM&4K@x$df@W3″\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 265 in sub _process_cmd] 0 NO LOGIN failed.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1276 in sub _cmd_ok] 0 NO LOGIN failed.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1191 in sub _seterrstr] LOGIN failed.\r
      [… cpan-lib/Net/IMAP/Simple.pm line 879 in sub _send_cmd] 1 EXPUNGE\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1251 in sub _send_cmd] 2 LOGOUT\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 881 in sub _process_cmd] 1 BAD Command received in Invalid state.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1276 in sub _cmd_ok] 1 BAD Command received in Invalid state.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1197 in sub _seterrstr] warning unknown return string (id=2): 1 BAD Command received in Invalid state.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 881 in sub _process_cmd] * BYE Microsoft Exchange Server IMAP4 server signing off.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1276 in sub _cmd_ok] * BYE Microsoft Exchange Server IMAP4 server signing off.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 881 in sub _process_cmd] 2 OK LOGOUT completed.\r\n
      [… cpan-lib/Net/IMAP/Simple.pm line 1276 in sub _cmd_ok] 2 OK LOGOUT completed.\r\n
      ERROR: OTOBO-otobo.Console.pl-Maint::PostMaster::MailAccountFetch-23 Perl: 5.30.0 OS: linux Time: Thu Oct 13 15:40:10 2022

      Message: CommunicationLog(ID:32333,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:32681)::Kernel::System::MailAccount::IMAP => IMAPS: Auth for user support@example.com/outlook.office365.com failed!

      Traceback (655390):
      Module: Kernel::System::CommunicationLog::_LogError Line: 546
      Module: Kernel::System::CommunicationLog::ObjectLog Line: 314
      Module: Kernel::System::MailAccount::IMAP::_Fetch Line: 222
      Module: Kernel::System::MailAccount::IMAP::Fetch Line: 109
      Module: Kernel::System::MailAccount::MailAccountFetch Line: 574
      Module: (eval) Line: 180
      Module: Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run Line: 172
      Module: (eval) Line: 468
      Module: Kernel::System::Console::BaseCommand::Execute Line: 462
      Module: Kernel::System::Console::InterfaceConsole::Run Line: 88
      Module: ./otobo.Console.pl Line: 35

      Done.
      ————————————————

      Any kind of help would be appreciated!

    • #14015
      Stefan Rother
      Keymaster

        Hi Amar,

        Microsoft disable the Basic Authentication step by step for IMAP4 or POP3:

        A tutorial to change the authentication mode is here:

        https://doc.otobo.org/manual/admin/10.1/en/content/communication-notifications/postmaster-mail-accounts.html#pop3-and-imap-oauth2-authentification

        I hope that helps!

        Stefan

        Team OTOBO

      • #14030

        Hi Stefan,

        Thanks for the guide! I was able to follow it and set up all the needed apps, unfortunately when I change the authentication to IMAPOauth2 and I try to login to the MS page with the mailbox, this error appears:

        What kind of permissions should I grant to my support account in AAD?

        Thanks again for the help!

      • #14031

        Just as an additional information, I have added my support user to the AAD enterprise application and app registrations. as well as assigned it the Cloud Application Administrator role

      • #14032

        I have managed to fix this problem I think? But I have encounterend a different one. Whenever I try to login with the support email, this error appears:

        Sorry, but we’re having trouble signing you in.

        AADSTS500113: No reply address is registered for the application.

        I double checked by redirect url configure in the AAD app and it is correct. If I copy paste the URL I entered it takes me to Mail Account Management page.

      • #14265
        Ronald Müller
        Participant

          Hi Amar,

          did you solve the problem with the redirect URI? We have the same problem while switching to POP3OAuth2. We followed the OTOBO manual for the configuration and stuck here.

           

          Kind regards

          Ronald

          • #14399
            Ronald Müller
            Participant

              We found out that we used the wrong App ID. After that we used the App ID showing in the overview of all Apps and this one was the correct one.

          • #14294
            Pedro Miguel
            Participant

              Hello all,

              I got a similar error when change IMAPS to oauth2. I am redirected to an O365 login page, and after that get this message:

              AADSTS900971: No reply address provided.

              I have confirmed thar Redirect URI is https://serverFQDN/otobo/index.pl?Action=AdminMailAccount and all configurations are according to Otobo manual.

              Any idea about it?

              Regards.

               

               

               

               

               

               

            • #14376
              A. Flora
              Participant

                Same here, it seams something has changed between Microsoft and the guide.

                Also we use shared mailbox but needed to add every user single as allowed user, who is able to read the shared mailbox, to step “The mailbox user must be assigned to the application. ” in the documentation and not only the shared mailbox user

                Other options to bypass this error is written in this guide: https://docs.revenuegrid.com/ri/fast/articles/Need-Admin-Approval/

                This together helped us bypass the “Admin Approval” error, maybe the guide can be altered to add these steps

                 

                 

              • #14416
                A. Flora
                Participant

                  I have found other behaviour, if i use the application id of the registration in azure instead of the application id of the application it looks like it is working and accepting the login.

                  However after entering the details i am presented with my login screen of Otobo and after login the created mailbox isn’t  added in the otobo configuration

                   

                • #14498
                  VINAYAK KADAM
                  Participant

                    initial config. done according to OTOBO manual, but still we have error.

                    please provide solution for following error…

                    email : vinayak.k@alliance.edu.in

                    thank you in advance……

                    otobo@itsotrs:~$ /opt/otobo/bin/otobo.Console.pl Maint::PostMaster::MailAccountFetch –debug

                    Spawning child process to fetch incoming messages from mail accounts…

                    outlook.office365.com (IMAPOAuth2)…

                    Started at Mon Jan 2 08:49:41 2023
                    Using Mail::IMAPClient version 3.43 on perl 5.034000
                    Connecting with IO::Socket::IP PeerAddr outlook.office365.com PeerPort 143 Proto tcp Timeout 600 Debug 1
                    ERROR: Unable to connect to outlook.office365.com: at /usr/share/perl5/Mail/IMAPClient.pm line 377.
                    Mail::IMAPClient::connect(Mail::IMAPClient=HASH(0x56076580ebb0)) called at /usr/share/perl5/Mail/IMAPClient.pm l ine 315
                    Mail::IMAPClient::new(“Mail::IMAPClient”, “Server”, “outlook.office365.com”, “Starttls”, ARRAY(0x560766447ae8), “Debug”, 1, “Uid”, …) called at /opt/otobo/Kernel/System/MailAccount/IMAPOAuth2.pm line 75
                    Kernel::System::MailAccount::IMAPOAuth2::Connect(Kernel::System::MailAccount::IMAPOAuth2=HASH(0x560765a11010), ” ID”, 3, “Host”, “outlook.office365.com”, “Login”, “ticket.helpdesk\@alliance.edu.in”, “Password”, …) called at /opt/ot obo/Kernel/System/MailAccount/IMAPOAuth2.pm line 215
                    eval {…} called at /opt/otobo/Kernel/System/MailAccount/IMAPOAuth2.pm line 218
                    Kernel::System::MailAccount::IMAPOAuth2::_Fetch(Kernel::System::MailAccount::IMAPOAuth2=HASH(0x560765a11010), “T rusted”, 1, “Comment”, “Tickets”, “Debug”, 1, “QueueID”, …) called at /opt/otobo/Kernel/System/MailAccount/IMAPOAuth2. pm line 116
                    Kernel::System::MailAccount::IMAPOAuth2::Fetch(Kernel::System::MailAccount::IMAPOAuth2=HASH(0x560765a11010), “Qu eueID”, 0, “ID”, 3, “UserID”, 1, “Host”, …) called at /opt/otobo/Custom/Kernel/System/MailAccount.pm line 654
                    Kernel::System::MailAccount::MailAccountFetch(Kernel::System::MailAccount=HASH(0x5607658f9030), “DispatchingBy”, “From”, “CreateTime”, “2022********12********31 04:03:36”, “ChangeTime”, “2022********12********31 04:17:11”, “ValidID” , …) called at /opt/otobo/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 180
                    eval {…} called at /opt/otobo/Kernel/System/Console/Command/Maint/PostMaster/MailAccountFetch.pm line 172
                    Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run(Kernel::System::Console::Command::Mai nt::PostMaster::MailAccountFetch=HASH(0x560764df38a0)) called at /opt/otobo/Kernel/System/Console/BaseCommand.pm line 48 0
                    eval {…} called at /opt/otobo/Kernel/System/Console/BaseCommand.pm line 474
                    Kernel::System::Console::BaseCommand::Execute(Kernel::System::Console::Command::Maint::PostMaster::MailAccountFe tch=HASH(0x560764df38a0), “****************debug”) called at /opt/otobo/Kernel/System/Console/InterfaceConsole.pm line 8 8
                    Kernel::System::Console::InterfaceConsole::Run(Kernel::System::Console::InterfaceConsole=HASH(0x560764de5c10), ” Maint::PostMaster::MailAccountFetch”, “****************debug”) called at /opt/otobo/bin/otobo.Console.pl line 35
                    ERROR: OTOBO********otobo.Console.pl********Maint::PostMaster::MailAccountFetch********42 Perl: 5.34.0 OS: linux Time: M on Jan 2 08:58:24 2023

                    Message: CommunicationLog(ID:3380,AccountType:********,AccountID:********,Direction:Incoming,Transport:Email,ObjectLogT ype:Connection,ObjectLogID:3380)::Kernel::System::MailAccount::IMAPOAuth2 => Something went wrong while trying to connec t to ‘IMAPOAuth2 => ticket.helpdesk@alliance.edu.in/outlook.office365.com’: Can’t call method “authenticate” on an undef ined value at /opt/otobo/Kernel/System/MailAccount/IMAPOAuth2.pm line 83.

                    Traceback (23050):
                    Module: Kernel::System::CommunicationLog::_LogError Line: 546
                    Module: Kernel::System::CommunicationLog::ObjectLog Line: 314
                    Module: Kernel::System::MailAccount::IMAPOAuth2::_Fetch Line: 233
                    Module: Kernel::System::MailAccount::IMAPOAuth2::Fetch Line: 116
                    Module: Kernel::System::MailAccount::MailAccountFetch Line: 654
                    Module: (eval) Line: 180
                    Module: Kernel::System::Console::Command::Maint::PostMaster::MailAccountFetch::Run Line: 172
                    Module: (eval) Line: 480
                    Module: Kernel::System::Console::BaseCommand::Execute Line: 474
                    Module: Kernel::System::Console::InterfaceConsole::Run Line: 88
                    Module: /opt/otobo/bin/otobo.Console.pl Line: 35

                    Done.

                     

                  • #14621

                    Hi everyone,

                    Sorry for replying to this thread late, I have totally forgot that I have created a question for this.

                    We did manage to set up the AAD and succesfully authenticate the mail user.

                    You may follow the guide from this doc:
                    https://doc.otobo.org/manual/admin/10.1/en/content/communication-notifications/postmaster-mail-accounts.html#pop3-and-imap-oauth2-authentification

                    but, there is no need for all the steps in Azure that are provided in the article. You only need to create one app registration, no need for the enterprise application. Once you create the app registration, just assign the user to the application. I have additionally added the offline_access permission for the user as well.

                    With this, you can continue with the OTOBO part of the article (OTOBO OAuth2 Configuration)

                  • #14625
                    sameer iqbal
                    Participant

                      Hi,

                       

                      Has anyone able to resolve the “AADSTS900971: No reply address provided.”. Although, I have provide and verified that redirect address is correct.

                      any help will be much appreciated.

                       

                      • #14626
                        sameer iqbal
                        Participant

                          Got it working. The issue was the application ID was different that what was state in the step “The mailbox user must be assigned to the application”

                      • #14637
                        A. Flora
                        Participant

                          The application id needs to be the ID of the registration AND NOT of the Application itself, this isn’t clear from the guide

                        • #14638
                          A. Flora
                          Participant

                            i still have issue that after successfull login to the microsoft part i am redirected to the otobo login page which i authenticate using my admin account

                            After logging in into otobo the oauth2 registration isn’t available or saved as a mailbox.

                            I try to find the logfile(s) but have no clue where the logs are saved, we use the docker version and have no clue what to do next

                             

                        Viewing 13 reply threads
                        • You must be logged in to reply to this topic.