It sounds like maybe IMAP is disabled in your tenant via a policy or potentially at each email level.
Cheers.
v.1.18.1 upgrade login issue
IMAP is enabled. These emails all fetched previously to the OAuth2 plugin needing to be updated.
Then are you certain you authorized the correct email accounts? Did you do each one in an Incognito window and login as each mailbox when directed to Microsoft?
Cheers.
Also ensure your all your Scopes are set to offline_access https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send.
Cheers.
Yes, I logged into each one in separate incognito windows. I've re-copied that Scopes string to be sure, and I am still getting the same error.
Hmm, the only thing I can think of is to check the logs in Microsoft to see why it's failing authentication.
Cheers.
6 days later
So I've been working with my director to see if we can figure this out and we are still unable to get emails fetched. The MS logs show successful logins, IMAP is enabled, the token gets refreshed, but it still says Authenticate Failed when clicking Save Changes. Any other ideas?
See if there is a policy attached to the user (on the microsoft side) that is restricting IMAP. They have commands you can run for each user to see if it's enabled, etc. You'd need to look at guides online for such steps.
If you are using a hosting company instead of running your own server/vm then I'd recommend reaching out to them to see if they disable external IMAP, etc. I've seen in the past where such restrictions from hosts causes such issues.
Cheers.
There are no restrictions on IMAP. I went through the process with my Sr. Director today. He wanted me to ask why it is able to authenticate for app registration but when I try to with the email it will not?
- Edited
Because that's completely separate. The App Registration authorization is strictly to allow the software to request tokens for things like IMAP and SMTP. IMAP is a protocol to collect mail from a mailserver. The only other thing I can recommend is deleting the email from osTicket and re-adding it and reconfiguring it. If that doesn't work then something isn't right on the microsoft end or on the server itself that's not allowing it to authenticate against IMAP.
Cheers.
Just to add some more info. I've recreated the emails in OSticket and still get the Authenticate Failed error. If I turn off email fetching everything saves fine. When I turn on email fetching the error comes back.
That is quite the interesting dilemma. Then it appears something on the Microsoft end or host end is preventing the connection. Unless of course the app isn't properly configured or using wrong scopes or something (which we already went over). I would triple check all the logs on the server to see if something is blocking it. You can try a telnet to the host and port from the server CLI to see if the connection succeeds. If it doesn't then you know something is blocking the connection.
Cheers.
So I went back and re-created all of the emails in the system again. This time I got the token and saved the configs before enabling fetching. It saved fine. I enabled fetching and saved without error. All emails began fetching. I'm not sure what changed but it is all working now. Thanks for your help.