[horde] ActiveSync not authenticating - 401 Unauthorized

OnkelM onkelm08 at gmail.com
Mon Jun 8 20:34:17 UTC 2015 

Am 08.06.2015 10:08 nachm. schrieb "Simon B" <simon.buongiorno at gmail.com>:
>
>
> On 8 Jun 2015 20:58, "OnkelM" <onkelm08 at gmail.com> wrote:
> >
> > Am 08.06.2015 9:45 nachm. schrieb "Michael J Rubinsky" <
mrubinsk at horde.org>:
> > >
> > >
> > > Quoting OnkelM <onkelm08 at gmail.com>:
> > >
> > >> 2015-06-08 21:19 GMT+02:00 Michael J Rubinsky <mrubinsk at horde.org>:
> > >>
> > >>>
> > >>> Quoting OnkelM <onkelm08 at gmail.com>:
> > >>>
> > >>>  Hi Michael,
> > >>>>
> > >>>>
> > >>>> here is my config:
> > >>>>
> > >>>>  $conf['auth']['params']['app'] = 'imp';
> > >>>>>
> > >>>>>
> > >>>>
> > >>>> $conf['activesync']['auth']['type'] = 'basic';
> > >>>>
> > >>>> $conf['activesync']['autodiscovery'] = 'full';
> > >>>>
> > >>>
> > >>> Does your auth backend require full email addresses as usernames?
> > >>>
> > >>>
> > >>>
> > >>>  $conf['activesync']['enabled'] = true;
> > >>>>
> > >>>>
> > >>>>
> > >>>> i am not using auth hooks, only the default settings
> > >>>>
> > >>>> so... where should is start to track it down? how?
> > >>>>
> > >>>>
> > >>>>
> > >>>> Gruß
> > >>>>
> > >>>> 2015-06-08 20:39 GMT+02:00 Michael J Rubinsky <mrubinsk at horde.org>:
> > >>>>
> > >>>>
> > >>>>> Quoting OnkelM <onkelm08 at gmail.com>:
> > >>>>>
> > >>>>>  Hello,
> > >>>>>
> > >>>>>>
> > >>>>>> how is this happening? I made the following test request:
> > >>>>>>
> > >>>>>> POST https://horde-host/Microsoft-Server-ActiveSync
> > >>>>>>
> > >>>>>>  ?DeviceType=WP8&Cmd=Provision&DeviceId=12345678901
> > >>>>>>>
> > >>>>>>>
> > >>>>>>> HEADERS
> > >>>>>>>
> > >>>>>>> *Accept:* */*
> > >>>>>>>
> > >>>>>>> *Accept-Encoding:* gzip, deflate
> > >>>>>>>
> > >>>>>>> *Accept-Language:* de
> > >>>>>>>
> > >>>>>>> *Authorization:* Basic
YWRtaW5Ab25rZWxtLmNvbTpCZDMwMDQ4NCM5NjQ0MA==
> > >>>>>>>
> > >>>>>>> *Cache-Control:* no-cache
> > >>>>>>>
> > >>>>>>> *Connection:* Keep-Alive
> > >>>>>>>
> > >>>>>>> *Content-Length:* 600
> > >>>>>>>
> > >>>>>>> *Content-Type:* application/vnd.ms-sync.wbxml
> > >>>>>>>
> > >>>>>>> *Host:* horde-host
> > >>>>>>>
> > >>>>>>> *Ms-Asprotocolversion:* 14.0
> > >>>>>>>
> > >>>>>>> *User-Agent:* runscope/0.1,ASOM
> > >>>>>>>
> > >>>>>>> *X-Ms-Policykey:* 0
> > >>>>>>> QUERYSTRING
> > >>>>>>>
> > >>>>>>> *Cmd:* Provision
> > >>>>>>>
> > >>>>>>> *DeviceId:* 12345678901
> > >>>>>>>
> > >>>>>>> *DeviceType:* WP8
> > >>>>>>> BODY
> > >>>>>>>
> > >>>>>>> <?xml version="1.0" encoding="utf-8" ?><Provision
> > >>>>>>>   xmlns="Provision:">
> > >>>>>>>   <DeviceInformation
> > >>>>>>>     xmlns="Settings:">
> > >>>>>>>     <Set>
> > >>>>>>>       <Model>RM-821_eu_euro2_248</Model>
> > >>>>>>>       <IMEI>imeiimeiimeiimeiimei</IMEI>
> > >>>>>>>       <FriendlyName>Lumia 920</FriendlyName>
> > >>>>>>>       <OS>Windows Phone 8.0.9903</OS>
> > >>>>>>>       <OSLanguage>German</OSLanguage>
> > >>>>>>>       <PhoneNumber>+0152xxxxxxxx</PhoneNumber>
> > >>>>>>>       <UserAgent>MSFT-WP/8.0.9903</UserAgent>
> > >>>>>>>       <EnableOutboundSMS>0</EnableOutboundSMS>
> > >>>>>>>     </Set>
> > >>>>>>>   </DeviceInformation>
> > >>>>>>>   <Policies>
> > >>>>>>>     <Policy>
> > >>>>>>>       <PolicyType>MS-EAS-Provisioning-WBXML</PolicyType>
> > >>>>>>>     </Policy>
> > >>>>>>>   </Policies></Provision>
> > >>>>>>>
> > >>>>>>>
> > >>>>>>>  And Horde is answering this:
> > >>>>>>>
> > >>>>>>
> > >>>>>>  401 Unauthorized
> > >>>>>>
> > >>>>>>
> > >>>>>>>  HEADERS
> > >>>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>> *Allow:* OPTIONS,POST
> > >>>>>>>
> > >>>>>>> *Cache-Control:* private, max-age=10800, pre-check=10800
> > >>>>>>>
> > >>>>>>> *Connection:* Keep-Alive
> > >>>>>>>
> > >>>>>>> *Content-Encoding:* gzip
> > >>>>>>>
> > >>>>>>> *Content-Type:* text/html
> > >>>>>>>
> > >>>>>>> *Date:* Mon, 08 Jun 2015 18:17:07 GMT
> > >>>>>>>
> > >>>>>>> *Expires:* Thu, 19 Nov 1981 08:52:00 GMT
> > >>>>>>>
> > >>>>>>> *Keep-Alive:* timeout=2, max=1000
> > >>>>>>>
> > >>>>>>> *Last-Modified:* Fri, 05 Jun 2015 15:28:26 GMT
> > >>>>>>>
> > >>>>>>> *Ms-Asprotocolcommands:*
> > >>>>>>>
> > >>>>>>>
> > >>>>>>>
> >
Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
> > >>>>>>>
> > >>>>>>> *Ms-Asprotocolversions:* 2.5,12.0,12.1,14.0,14.1
> > >>>>>>>
> > >>>>>>> *Ms-Server-Activesync:* 14.2
> > >>>>>>>
> > >>>>>>> *Public:* OPTIONS,POST
> > >>>>>>>
> > >>>>>>> *Server:* Apache
> > >>>>>>>
> > >>>>>>> *Set-Cookie:* PHPSESSID=8f3379819e428da3e5e28cf0b60c872c; path=/
> > >>>>>>>
> > >>>>>>> *Transfer-Encoding:* chunked
> > >>>>>>>
> > >>>>>>> *Vary:* Accept-Encoding
> > >>>>>>>
> > >>>>>>> *Www-Authenticate:* Basic realm="Horde ActiveSync"
> > >>>>>>> BODY
> > >>>>>>>
> > >>>>>>> (empty)
> > >>>>>>>
> > >>>>>>>
> > >>>>>>>
> > >>>>>>>  Why is Horde not accepting my login ?
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>> Could be a number of reasons: Misconfigured ActiveSync settings
> > >>>>> (configured to use full email address as username but only sending
> > >>>>> username, or the reverse), misconfigured auth hooks, x509 cert
> > >>>>> misuse/configuration etc...
> > >>>>>
> > >>>>>
> > >>>>> --
> > >>>>> mike
> > >>>>> The Horde Project
> > >>>>> http://www.horde.org
> > >>>>> https://www.facebook.com/hordeproject
> > >>>>> https://www.twitter.com/hordeproject
> > >>>>>
> > >>>>> --
> > >>>>> Horde mailing list
> > >>>>> Frequently Asked Questions: http://horde.org/faq/
> > >>>>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>
> > >>>
> > >>> --
> > >>> mike
> > >>> The Horde Project
> > >>> http://www.horde.org
> > >>> https://www.facebook.com/hordeproject
> > >>> https://www.twitter.com/hordeproject
> > >>>
> > >>> --
> > >>> Horde mailing list
> > >>> Frequently Asked Questions: http://horde.org/faq/
> > >>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> > >>>
> > >>>
> > >>
> > >> Does your auth backend require full email addresses as usernames?
> > >>
> > >>
> > >> do you mean the horde setting or the imap login?
> > >> horde is configured to use full email address with @ and host,
> > >> tried to login to my imap server with the full email address as
username
> > >> and password and it worked
> > >> i can login to webmail in horde with the full email address as the
login
> > >> name and the password.
> > >
> > >
> > > ...and this is what you have explicitly typed into the ActiveSync
client?
> > >
> > >
> > > --
> > > mike
> > > The Horde Project
> > > http://www.horde.org
> > > https://www.facebook.com/hordeproject
> > > https://www.twitter.com/hordeproject
> > >
> > > --
> > > Horde mailing list
> > > Frequently Asked Questions: http://horde.org/faq/
> > > To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> > >
> >
> > Sure i did it. I made sure i typed the username and password correctly
> > letter by letter.
> >
> > Should i create a new mailbox with username test and password test and
add
> > him to the admins list of horde to show ?
>
> It's a valid question because at least on my client, after typing in the
full email address and password, the setting reverts to just the part
before the @
>
> Simon

I just created a new mail-user test with password 123456.
I can login to horde webmail.
But activesync still says wrong user/pass/unauthorized
I tried enabeling provisioning and disabeling it.
I tried with only the username without the @ and host and also tried with
this as setting on horde autodiscovery = "use only the username"

Still no luck...

Could it be an php/apache issue?

I have to use php as FPM FastCGI b/c only v.5.2 is as apache mod available.
$_SERVER Environment Variables set will have an extra "REDIRECT_" before
the variable...
Like this: _SERVER["REDIRECT_HTTP_MS_ASPROTOCOLVERSION"]

Could this be the issue?

More information about the horde mailing list