v1.17 to v1.17.5 upgrade. I had the oauth plugin I downloaded with 1.17.5 in the /include/plugins folder. The usual osticket upgrade process looked normal. The plugin still had v0.6 listed with the previous plugin date. However, I think that's still the latest one even with original oauth plugin info displayed. That's under admin, manage, plugins... Oauth2 Client version 0.6 enabled date installed is a few years ago though. I was expecting to see a new version and maybe have to remove that and add the new one and put in all the details again.... But it appears to be working.
So on the email, account, settings, remote setting page... There's now a box for "strict matching." That's probably from v1.17.5 then and not the oauth plugin (so I'm still wondering if I've really got the latest plugin in use but there's nothing else in the server folder under plugins except this latest oauth plugin.).
I have several osticket set ups, all completely separated from each other. A few email accounts have different settings though. I'm still getting the first osticket upgraded to 1.17.5 The email account is listed as mxsomething for the actual account. My organization uses an alias on top of that so it also has @myorg.com on that. For general use, they're the same. In the past, on the osticket set up I'm looking at, I would use the @myorg.com part in the remote email account settings, not mxsomething. If I plug in the actual account, the mxsomething, I get an error in osticket Mode: Expecting Authorization for myemail@mxsomething and not myemail@myorg.com. So I tried just unchecking the remote mailbox "strict matching"/strict mode setting.... It took it. It's green and happy. Saved it. Email is pulling now. How much of an issue is that though? Is it a security concern?
And then I believe that's something with smtp something something..... Something on the email settings that the email part of my organization would handle. There's something like a primary or preferred name. It can be set to that @mxsomething or @myorg.com. And that determines what you use to log into the actual microsoft account.
Strict matching might not be super important though? It's not a dire, critical security concern?
