mguessan
commented
1 year ago Phone checks means you have MFA enabled, I would strongly suggest you add Microsoft Authenticator as an authentication factor on your account, SMS by phone is not secure enough.
Then switch to O365Interactive or O365Manual to validate you can authenticate with MFA
I also need to simplify the authentication modes:
- EWS: for on prem Exchange
- O365: EWS on O365, may have to deprecate this one, basic authentication is now disabled on (almost ?) all tenants
- O365Modern: fully automated OIDC authentication, working when MFA is not enabled and used to work with MS Authenticator... however now that number matching is enforced fully transparent auth with MFA is no longer an option. You may be able to grab the number matching number in logs but this in not practical
- O365Interactive: O365 authentication with embedded browser, will work with most MFAs but not when workplace join is enforced
- O365Manual: Fallback for interactive authentication, use your own browser to authenticate
logological
We had an instance of DavMail working perfectly on a server, connecting to https://outlook.office365.com/EWS/Exchange.asmx using davmail.mode=O365Modern. This worked with no issues for many months.
Recently it seems O365 is enforcing phone checks, etc. during logins. Since this happened, we get the following error trying to use DavMail: Authentication failed: invalid user or password
Obviously this seems tied to the O365 changes.
We tried the suggested workaround: davmail.oauth.clientId=d3590ed6-52b3-4102-aeff-aad2292ab01c davmail.oauth.redirectUri=urn:ietf:wg:oauth:2.0:oob ...but this achieved the same result.
Is there any current workaround in this situation, where we need DavMail to run on a server with no manual interaction?