This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 17%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Greetings!
I have a web app that uses oauth authentication with IMAP/SMTP protocols to access emails in office365/outlook mailboxes. But a few customers had a problem connecting through those protocols Server returns A0003 BAD User is authenticated but not connected after selecting mailbox. I've tested oauth flow with my personal outlook and office365 accounts - and I haven't experienced such error.
Customers that have this problem has a normal mailbox, not shared one. Also SMPT/IMAP options are turned on. The problem began a couple days ago, no changes in oauth flow in my web application were done.
I've did some research on my own but didn't find much. So my questions are :
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 59%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Did you find a solution for this?
If you can share it in case you have found it.
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 34%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 75%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
I am currently experiencing this issue too, for us it seems to be an issue with any account that is synched via AD-Connect... all cloud only accounts work fine (i.e create a user in O365 portal it will work, either with user@keyman .onmicrosoft.com, or any of our other non-synched domains in the tenant but the onprem sync is giving issues). Not sure if there are missing attribute from our onprem AD schema that is required for modern authentication or if its a similar issue as others here?
If anyone has solved it would love to hear how.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 74%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Why does microsoft pull shit like this to fuck it's users. Makes you want to buy an Apple computer and get rid of microsoft once and for all. very fucked up company and user UNFRIENDLY !!!!!!!!!!!!!!!!!
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 31%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Check out this once for fixing error Bad User Is Authenticated But Not Connected if you found useful
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Andrii Maslov ,
I have not encountered this issue myself, but have seen some similar cases where this can happen if someone enters a bad password or credentials, or unsuccessful MFA. It will look like there was a successful authentication when there wasn't one.
I found an issue where someone else received this error, and it looks like it can happen due to an incorrect CLI command.
The solution listed in the thread:
proper CLI arguments for imapsync are: --authuser2 "******@domain.tld" --user2 "******@domain.tld" --office2
Before that, the following PowerShell command must be executed: Add-MailboxPermission -identity ******@domain.tld -user ******@domain.tld -accessrights fullaccess -inheritancetype all
Hi @MarileeTurscak,
Thank you for your response.
I'm using xoauth method for authorization with IMAP/SMTP protocols so it's only token passed there, but sign-in process and obtaining access token are successful. I've tried to enter invalid pass myself and it just fails on sing-in with appropriate error message. Also, there are no MFA methods enabled for these users.
Were there some policies introduced, like default Security policy, that can block such access? Customer also says there are no Failure in Sign-in logs.
I myself do not have access to those user's azure/o365 admin portals, so running shell commands isn't option right now.
I can describe whole oauth flow with my app, maybe it has some flaws that you could point out.