Hi -
I'm running 1.17.3, and trying to get our inbound email working.
The issue:
In the Admin Panel / Emails / Remote Mailbox, I'm trying to set up an account against outlook.office365.com.
We've disabled MFA against the email account and enabled POP and IMAP.
The Authentication only shows "Basic Authentication (Legacy)" with no option for TLS etc.
Protocols available are POP and IMAP, with no mention of TLS/SSL.

How should we configure this to connect to office365 email? I've read in the documentation about adding TLS:// to the port number, etc, but nothing is working and I can't get it to authenticate, notwithstanding authenticating find in a browser.

Thanks much for any assistance - this is great software, and if my users can open tix with email, they're going to be v v happy.

/mh

  • KevinTheJedi replied to this.

  • mhayden-dmatrix

    Email Mismatch: Expecting Authorization for it@<domain> not mhayden@<domain>

    This means when it took you to MS to authenticate you authenticated as the wrong account. You should login as it@ not your personal account.

    Cheers.

      mhayden-dmatrix

      O365 started enforcing Modern Authentication (OAuth2) back in October 2022. You can install the OAuth2 plugin from our website and follow this guide:

      Also, you don’t need to hint SSL/TLS if you use a standard port as we autodetect and use the appropriate method. For IMAP over SSL simply use outlook.office365.com and port 993.

      Cheers.

        Thank, KevinTheJedi.
        I'm working through it now (albeit without success) so far.
        much appreciated!
        /mh

          Hi - after going through the process I have two entries in the instances of the Oauth2 plugin..
          Should I have two?

          Also, I never got to the consent form in the process.....is there a way to do that via Azure portal, or is that something that should occur dynamically as a part of login?

          OK - I'm now getting the message "Email Mismatch: Expecting Authorization for it@<domain> not mhayden@<domain>"

          I blew away the app registration I did as my own account which I authorized, and created a whole new one based on an it@<domain>.
          How do I remove the old authorization from osticket? Do I need to blow away the oauth phar file and remove all of hte config and start from scratch again?

            mhayden-dmatrix

            Email Mismatch: Expecting Authorization for it@<domain> not mhayden@<domain>

            This means when it took you to MS to authenticate you authenticated as the wrong account. You should login as it@ not your personal account.

            Cheers.

              Seems to have worked, thank you! It had to time out, though - took about 24 hours.
              I see there's some discussion of a need for a cron job to pull email in from MS?

                Aargh.
                It seems to not be working again.

                This is what's in root crontab:

                */5 * * * * www-data /usr/bin/php /var/www/html/osticket/upload/api/cron.php

                (using www-data account rather than nobody; is that ok?)

                thanks

                Hmm. I'm doing it in root's crontab, but I'll consider that change.
                It's working now so I'm loath to modify it.
                thanks!

                a month later

                The user name that you use indicates what user the task is executed as.
                If your webserver runs as www-data then that is the username that you should use.
                Generally speaking you probably want to do it using www-data.

                Write a Reply...