Posted on 12-20-2015 04:58 PM
Hey everyone,
We used to have a configuration profile that would add the users mail automatically and it worked fine. Recently, when the user enters in their password we get the following error: "Unable to verify account or password".
The weird thing is that when you add it manually using the predefined "Google" mail option in the mail setup, it adds automatically and works fine.
Is there a way to resolve this issue and allow mail profiles to work? If anyone has a script which manually adds in the account as a predefined google account, that would be amazing!
EDIT It seems like this is an issue with OAuth 2 authentication. When adding the account using the google mail option in mail.app setup, a OAuth2 window pops up for authentication. When the account is configured manually, you cannot authenticate with OAuth2 so the login fails. I have tried allowing access to less secure apps in the gmail settings but this doesn't resolve the issue.
Posted on 12-20-2015 05:44 PM
Hey,
I've replied to you in Slack but in case you don't see it. I might be wildly off with this but here goes...
I can replicate the issue using my company google account. I tested with some profiles using googles gmail settings.
I'm leaning towards it being something to do with SSO. Perhaps there's an additional information that gets sent back (or something) from google when 'manually' adding the account to the mail.app.
I would now either go to google and ask what magical wizardry is going on in the background or take a hands off approach and get the end-users to login to their own accounts. I guess it depends on how much work you wanna do! ;)
EDIT:
Strangely I just got a sign-in prevented email from google...
Hi Josh, Someone just tried to sign in to your Google Account x@x.com from an app that doesn't meet modern security standards.
I'd try the less secure devices setting in google admin at this point.