Hi.
I had problems syncing my phone (MIUI)... After enabling ZIMBRA_DEBUG I
found out auth was failing, but on the phone I only got "Connection error".
Today I had another colleague change his password, and again the sync was
silently failing (LG). By digging into the logs I found again auth was
failing.
Is it possible the backend isn't returning the correct error code when
Zimbra auth fails?
The Zimbra backend simply returns 'false' if the Login() fails. z-push captures that and returns a 401 error to the client. How the client handles that is up to the client.
Are you sure that the requests are all getting to z-push?
Do you have Basic Authorization on the /Microsoft-Server-ActiveSync/ url on the webserver which might be blocking the connection from reaching z-push?
In our live environment, I had implemented this, and as soon as the user's password was changed, the next request from the device would fail at the webserver - it would never actually get to z-push. It would sometimes loop on multiple attempts within a second at the webserver until the account locked out on the server for too many invalid logins. I addressed that part by adding a 10 second cache to the webserver so it would reject the requests itself without repeatedly presenting the failed credentials to the backend. The device would eventually give up and prompt the password change.
# Enable the LDAP connection pool and shared
# memory cache. Enable the LDAP cache status
# handler. Requires mod_ldap and mod_authnz_ldap
# to be loaded.
LDAPSharedCacheSize 500000
LDAPCacheEntries 1024
LDAPCacheTTL 10
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 10
# Wait x seconds before trying the next LDAP server in our list
LDAPConnectionTimeout 5
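An added illustration, not part of the original posts: a model of the retry loop and 10-second cache described in the reply above, run over constructed Apache access-log lines. The log lines, the lockout threshold of 5 and the function names are assumptions, and the cache is modelled as a simple per-user TTL rather than mod_ldap's own logic.

```python
import re
from collections import defaultdict
from datetime import datetime

LOCKOUT_THRESHOLD = 5  # assumed directory lockout policy, not stated in the thread

def make_line(user, sec, status):
    # Builds one constructed access-log line (common log format prefix).
    return (f'192.0.2.10 - {user} [12/Mar/2019:09:00:{sec:02d} +0000] '
            f'"POST /Microsoft-Server-ActiveSync?Cmd=Sync HTTP/1.1" {status} 381')

# Constructed sample: alice's phone retries a stale password in a tight loop,
# bob syncs normally.
SAMPLE_LOG = [make_line("alice", s, 401) for s in (0, 0, 0, 1, 1, 1, 4, 12)]
SAMPLE_LOG.append(make_line("bob", 2, 200))

LINE_RE = re.compile(
    r'^\S+ \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def failed_auth_times(lines):
    """Map user -> epoch times of 401 responses on the ActiveSync URL."""
    out = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if (m and m["status"] == "401"
                and m["path"].startswith("/Microsoft-Server-ActiveSync")):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            out[m["user"]].append(ts.timestamp())
    return dict(out)

def backend_attempts(times, ttl):
    """Count failures that reach the auth backend when the webserver
    remembers a rejection for ttl seconds (ttl=0 means no cache)."""
    forwarded, cached_until = 0, float("-inf")
    for t in sorted(times):
        if t >= cached_until:      # cache entry expired: ask the backend again
            forwarded += 1
            cached_until = t + ttl
    return forwarded

def lockout_risk(lines, ttl):
    """True per user if forwarded failures would reach the lockout threshold."""
    return {user: backend_attempts(times, ttl) >= LOCKOUT_THRESHOLD
            for user, times in failed_auth_times(lines).items()}

if __name__ == "__main__":
    for ttl in (0, 10):
        print(f"ttl={ttl}s -> lockout risk: {lockout_risk(SAMPLE_LOG, ttl)}")
```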
Yes, requests are going to z-push... And no, I haven't set up basic auth,
didn't know about the option. What are the benefits? Keep out unnecessary
traffic?
It sounds strange to me that LG doesn't prompt for updating the pw. I'll
make some tests.
Thanks
If it matters we use external LDAP auth.
Thanks
maxxer
You can see how I implemented it on this thread https://forum.kopano.io/topic/682/z-push-behind-basic-authentication
With the following cache directives added