Login twice required, can davmail add the domain the first time, and remove...
Brought to you by:
mguessan
Menu
▾
▴
#57 Login twice required, can davmail add the domain the first time, and remove it the second time?
One of the mail servers I use changed to 2FA (using Google Authenticator, not O365) and since then I can not login through davmail anymore.
I think the error stems from a layer that has been placed before the usual login screen: I can enter webmail through a browser but I need to enter my credentials twice! And the first time I need to leave out the domain from the username and the second time (I recognize the old login screen) it is probably added by the system (as previously I needed to add it). I don't think the davmail configuration can handle this.
A bit more details on logging in through the web-app: If I enter https://portal.xxx.xxx/owa I get referred to https://portal.xxx.xx/SAAS/auth/federation/sso. If I enter my credentials I am asked for my Google token. Then I get referred to https://portal.xxx.xx/catalog-portal/ui?isOnPremise=true&isMobile=false&userId=999#/apps where I can click on Webmail. Then I am referred to
https://portal.xxx.xx/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fxxx.xx.x.xx%2fowa which is exactly the login screen as it used to be. Entering the
credentials again will lead to https://portal.xxx.xx/owa/#path=/mail as it used to be.
If I remove the domain and slash from my username and change the davmail url from mail.xxx.xx/ews/exchange.asmx to portal.xxx.xx/owa a davmail window opens that asks for my token. If I enter that a "Authentication failed: invalid user or password, retry...." appears in the logs. Could it be that it does requires my domain now? (Is it possible to configure davmail so that it will deliver the domain name only on the second login?)
Davmail is brilliant and I hope you can help me. It should still be possible as my mobile can still login.
Hope you consider this an interesting riddle (and that I am not so stupid as to have missed something obvious). Would of course be very happy to send my WIRE debugs!
Caroline
Would it perhaps be a solution to hand a cookie to davmail after logging in through the web browser? As has been proposed in 2018: https://sourceforge.net/p/davmail/patches/37/?
This can be closed as I moved it to a feature request.