[Bug]: iOS Configuration Profile DAAccountValidationDomain-Error 100.

[Gabgobie]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

I am using the most recent version of Nextcloud Snap on Ubuntu 22.04.5 LTS (GNU/Linux 5.15.0-130-generic x86_64)

When I try to integrate my iPhone's calendar and contacts by using the Nextcloud App's configuration profile, I will be presented with the option to enter a password. No matter if I

1. enter mine
2. leave it blanc
3. generate an App password, which I then enter there

I will be presented with a "DAAccountValidationDomain-Fehler 100.", which I assume translates to "DAAccountValidationDomain-Error 100.".

This issue first appeared after I enabled TOTP 2FA for my account. I already tried disabling 2FA for my account in the meantime but no luck. The error is still there.

Steps to reproduce

1. Install Nextcloud
2. Install TOTP App
3. Enable TOTP for your user
4. Use iOS Nextcloud App to get a configuration profile
5. Try to enable the profile <- this is where the error occurs
6. Disable TOTP for your user (the app is still active because I need the Admin account which doesn't need to be integrated anywhere is under maximum security)
7. Load new config profile
8. Try to enable it <- the same error still occurs

Expected behavior

I think it's fair to fail when TOTP is enabled since there is no way to enter the code but it should work with an App password, which it doesn't.

In a perfect world I'd expect the Nextcloud App, which is already authenticated as your user, to generate and include an app password in the configuration profile. I don't know about the limitations from Apple's side in this regard though.

More than anything I'd expect for the authentication to work at all ^^

Nextcloud Server version

30

Operating system

Debian/Ubuntu

PHP engine version

None

Web server

None

Database engine version

None

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

nextcloud@nextcloud:~$ sudo nextcloud.occ config:list system
{
    "system": {
        "apps_paths": [
            {
                "path": "\/snap\/nextcloud\/current\/htdocs\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/snap\/nextcloud\/current\/nextcloud\/extra-apps",
                "url": "\/extra-apps",
                "writable": true
            }
        ],
        "supportedDatabases": [
            "mysql"
        ],
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0
        },
        "log_type": "file",
        "logfile": "\/var\/snap\/nextcloud\/current\/logs\/nextcloud.log",
        "logfilemode": 416,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "30.0.4.1",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "maintenance": false,
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "app_install_overwrite": [
            "caniupdate"
        ],
        "default_phone_region": "DE",
        "opcache.interned_strings_buffer": "16",
        "opcache.save_comments": "1",
        "opcache.revalidate_freq": "60",
        "loglevel": 2,
        "mail_smtpsecure": "ssl",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "theme": "",
        "maintenance_window_start": 1
    }
}
nextcloud@nextcloud:~$

List of activated Apps

nextcloud@nextcloud:~$ sudo nextcloud.occ app:list
Enabled:
  - activity: 3.0.0
  - announcementcenter: 7.0.1
  - app_api: 4.0.3
  - bruteforcesettings: 3.0.0
  - calendar: 5.0.8
  - cfg_share_links: 6.1.1
  - checksum: 1.2.5
  - circles: 30.0.0
  - cloud_federation_api: 1.13.0
  - comments: 1.20.1
  - contacts: 6.1.3
  - contactsinteraction: 1.11.0
  - dashboard: 7.10.0
  - dav: 1.31.1
  - end_to_end_encryption: 1.16.1
  - event_update_notification: 2.5.0
  - external: 5.5.2
  - federatedfilesharing: 1.20.0
  - files: 2.2.0
  - files_accesscontrol: 1.20.1
  - files_antivirus: 5.6.1
  - files_external: 1.22.0
  - files_lock: 30.0.1
  - files_pdfviewer: 3.0.0
  - files_reminders: 1.3.0
  - files_sharing: 1.22.0
  - files_trashbin: 1.20.1
  - firstrunwizard: 3.0.0
  - flow_notifications: 1.10.1
  - groupfolders: 18.0.8
  - integration_paperless: 1.0.4
  - lookup_server_connector: 1.18.0
  - metadata: 0.21.0
  - nextcloud_announcements: 2.0.0
  - notes: 4.11.0
  - notifications: 3.0.0
  - oauth2: 1.18.1
  - privacy: 2.0.0
  - provisioning_api: 1.20.0
  - quota_warning: 1.20.0
  - related_resources: 1.5.0
  - richdocuments: 8.5.3
  - root_cache_cleaner: 0.1.8
  - serverinfo: 2.0.0
  - settings: 1.13.0
  - side_menu: 4.0.1
  - suspicious_login: 8.0.0
  - systemtags: 1.20.0
  - tasks: 0.16.1
  - text: 4.1.0
  - theming: 2.5.0
  - theming_customcss: 1.18.0
  - twofactor_backupcodes: 1.19.0
  - twofactor_totp: 12.0.0-dev
  - viewer: 3.0.0
  - weather_status: 1.10.0
  - webhook_listeners: 1.1.0-dev
  - workflowengine: 2.12.0
Disabled:
  - admin_audit: 1.20.0
  - appointments: 2.3.5 (installed 2.3.5)
  - breezedark: 29.0.0 (installed 29.0.0)
  - encryption: 2.18.0
  - federation: 1.20.0 (installed 1.14.0)
  - files_downloadlimit: 3.0.0 (installed 1.1.0)
  - files_versions: 1.23.0 (installed 1.20.0)
  - impersonate: 1.17.1 (installed 1.17.1)
  - logreader: 3.0.0 (installed 2.12.0)
  - maps: 1.5.0 (installed 1.5.0)
  - password_policy: 2.0.0 (installed 1.17.0)
  - photos: 3.0.2 (installed 1.6.0)
  - recommendations: 3.0.0 (installed 1.3.0)
  - sharebymail: 1.20.0 (installed 1.14.0)
  - support: 2.0.0 (installed 1.10.0)
  - survey_client: 2.0.0 (installed 1.12.0)
  - timetracker: 0.0.84 (installed 0.0.84)
  - twofactor_nextcloud_notification: 4.0.0
  - user_ldap: 1.21.0
  - user_status: 1.10.0 (installed 1.7.0)
nextcloud@nextcloud:~$

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

Additional info

I left some fiels as none in the info about my setup because I've had this issue since multiple major version upgrades and my current version is not going to affect the outcome. I'm using the Snap so I'm usually auto-updated to the latest available.

[strich3]

I have the same error

[davekch]

I had the same error and these are the things that made it work for me in the end:

• add DNS entries as described in this discussion
• make sure service discovery works. When using a proxy, the proxy should handle the redirect (otherwise the redirect will point to a http address which IOS will not accept, even if it further redirects to https)
• use an app password
• this is embarrassing now, but I'll share it in case it drives anyone else nuts: the settings app needs to have permission to access network.

[strich3]

I think my .well-known redirects me to often, I don‘t know what‘s causing it tho since the config is right and the system diagnose thing doesn‘t seem to care. Any Idea what it could be and how I can find it out? Thanks :)

[strich3]

Well no, wrong issue and has nothing to do with the current topic. I found out what was causing the problem. Thank you for helping me!

[joshtrichards]

This doesn't appear to be a Nextcloud error:

https://www.reddit.com/r/MacOS/comments/1f3e9w8/cant_add_google_account_calendar_to_macos/