glpi-project
Clear SMTP Authentication credentials not working in email followup configuration
Code of Conduct
- [x] I agree to follow this project's Code of Conduct
Is there an existing issue for this?
- [x] I have searched the existing issues
Version
10.0.18
Bug description
I've been trying to migrate email followups from SMTP Auth via SMTP+TLS to SMTPOAuth as Microsoft is soon deprecating SMTP Auth and i've discovered an issue when trying to migrate protocol.
On already setup GLPI instances, if we try to setup the OAuth2 app details and then try with the test email, the test will always fail.
Navigating to the all section of /front/notificationmailingsetting.form.php shows that SMTP login is still compiled and possibly being used, even though we're using another protocol.
Trying to delete the SMTP auth credentials by using the clear button and then saving, doesn't actually clear the SMTP credentials. This is proven by the fact that if we logout and login again, navigate to the /front/notificationmailingsetting.form.php page and referr to the ALL section, the SMTP Login is again compiled.
Relevant log output
Nothing shows up in any log that i was able to read.
Page URL
/front/notificationmailingsetting.form.php
Steps To reproduce
- Setup email followps first using the SMTP Auth protocol with SMTP+TLS
- Send a test email to ensure it works
- Now try to migrate to SMTPOAuth, switching the dropdown from SMTP+TLS to SMTPOAUTH
- Compile each field of the dedicated section with the necessary details (provider, client id, client secret, tenant id etc.)
- Proceed with the authorization using the mailbox that GLPI will use to send emails
- Save
- Try to send a test email, the expected output is the red popup on the bottom right stating "Failed to send a test email to the administrator"
- Logout and login
- Navigate to the email followup configuration page and click the "all" section on the left
- Under the mail server oauth2 configuration, where client id etc. fields are located, you should still see the smtp login fields compiled (only email as password is hidden)
Your GLPI setup information
Information about system installation and configuration
GLPI 10.0.18 ( => /var/www/html/glpi) Installation mode: TARBALL Current language:en_GB
Server
Operating system: Linux glpi 5.15.0-139-generic #149-Ubuntu SMP Fri Apr 11 22:06:13 UTC 2025 x86_64 PHP 8.2.27 apache2handler (Core, FFI, PDO, Phar, Reflection, SPL, SimpleXML, Zend OPcache, apache2handler, bz2, calendar, ctype, curl, date, dom, exif, fileinfo, filter, ftp, gd, gettext, hash, iconv, imap, intl, json, ldap, libxml, mbstring, mysqli, mysqlnd, openssl, pcre, pdo_mysql, posix, random, readline, session, shmop, sockets, sodium, standard, sysvmsg, sysvsem, sysvshm, tokenizer, xml, xmlreader, xmlrpc, xmlwriter, xsl, zip, zlib) Setup: max_execution_time="30" memory_limit="128M" post_max_size="8M" safe_mode="" session.save_handler="files" upload_max_filesize="2M" disable_functions="" Software: Apache/2.4.62 (Debian) (Apache/2.4.62 (Debian) Server at tk.imprendiroma.it Port 443 ) Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Edg/136.0.0.0 Server Software: mariadb.org binary distribution Server Version: 10.11.11-MariaDB-ubu2204 Server SQL Mode: STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION Parameters: glpi@glpi_db/glpi Host info: glpi_db via TCP/IPPHP version (8.2.27) is supported. Sessions configuration is OK. Allocated memory is sufficient. mysqli extension is installed. Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader, xmlwriter. curl extension is installed. gd extension is installed. intl extension is installed. zlib extension is installed. The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present. Database engine version (10.11.11) is supported. No files from previous GLPI version detected. The log file has been created successfully. Write access to /var/lib/glpi/_cache has been validated. Write access to /var/lib/glpi/_cron has been validated. Write access to /var/lib/glpi has been validated. Write access to /var/lib/glpi/_dumps has been validated. Write access to /var/lib/glpi/_graphs has been validated. Write access to /var/lib/glpi/_lock has been validated. Write access to /var/lib/glpi/_pictures has been validated. Write access to /var/lib/glpi/_plugins has been validated. Write access to /var/lib/glpi/_rss has been validated. Write access to /var/lib/glpi/_sessions has been validated. Write access to /var/lib/glpi/_tmp has been validated. Write access to /var/lib/glpi/_uploads has been validated.
Web server root directory configuration seems safe. Sessions configuration is secured. OS and PHP are relying on 64 bits integers. exif extension is installed. ldap extension is installed. openssl extension is installed. Following extensions are installed: bz2, Phar, zip. Zend OPcache extension is installed. Following extensions are installed: ctype, iconv, mbstring, sodium. Write access to /var/www/html/glpi/marketplace has been validated. Timezones seems loaded in database.
GLPI constants
GLPI_ROOT: "/var/www/html/glpi" GLPI_CONFIG_DIR: "/etc/glpi" GLPI_VAR_DIR: "/var/lib/glpi" GLPI_LOG_DIR: "/var/log/glpi" GLPI_MARKETPLACE_DIR: "/var/www/html/glpi/marketplace" GLPI_USE_CSRF_CHECK: "1" GLPI_CSRF_EXPIRES: "7200" GLPI_CSRF_MAX_TOKENS: "100" GLPI_USE_IDOR_CHECK: "1" GLPI_IDOR_EXPIRES: "7200" GLPI_ALLOW_IFRAME_IN_RICH_TEXT: false GLPI_SERVERSIDE_URL_ALLOWLIST: ["#^http://[^@:]+(:80)?(/.)?$#","#^https://[^@:]+(:443)?(/.)?$#","#^feed://[^@:]+(/.)?$#"] GLPI_DISALLOWED_UPLOADS_PATTERN: "/\.(php\d|phar)$/i" GLPI_TELEMETRY_URI: "https://telemetry.glpi-project.org" GLPI_INSTALL_MODE: "TARBALL" GLPI_NETWORK_MAIL: "[email protected]" GLPI_NETWORK_SERVICES: "https://services.glpi-network.com" GLPI_MARKETPLACE_ALLOW_OVERRIDE: true GLPI_MARKETPLACE_MANUAL_DOWNLOADS: true GLPI_USER_AGENT_EXTRA_COMMENTS: "" GLPI_DISABLE_ONLY_FULL_GROUP_BY_SQL_MODE: "1" GLPI_AJAX_DASHBOARD: "1" GLPI_CALDAV_IMPORT_STATE: 0 GLPI_DEMO_MODE: "0" GLPI_CENTRAL_WARNINGS: "1" GLPI_TEXT_MAXSIZE: "4000" GLPI_DOC_DIR: "/var/lib/glpi" GLPI_CACHE_DIR: "/var/lib/glpi/_cache" GLPI_CRON_DIR: "/var/lib/glpi/_cron" GLPI_DUMP_DIR: "/var/lib/glpi/_dumps" GLPI_GRAPH_DIR: "/var/lib/glpi/_graphs" GLPI_LOCAL_I18N_DIR: "/var/lib/glpi/_locales" GLPI_LOCK_DIR: "/var/lib/glpi/_lock" GLPI_PICTURE_DIR: "/var/lib/glpi/_pictures" GLPI_PLUGIN_DOC_DIR: "/var/lib/glpi/_plugins" GLPI_RSS_DIR: "/var/lib/glpi/_rss" GLPI_SESSION_DIR: "/var/lib/glpi/_sessions" GLPI_TMP_DIR: "/var/lib/glpi/_tmp" GLPI_UPLOAD_DIR: "/var/lib/glpi/_uploads" GLPI_INVENTORY_DIR: "/var/lib/glpi/_inventories" GLPI_NETWORK_REGISTRATION_API_URL: "https://services.glpi-network.com/api/registration/" GLPI_MARKETPLACE_PLUGINS_API_URI: "https://services.glpi-network.com/api/marketplace/" GLPI_I18N_DIR: "/var/www/html/glpi/locales" GLPI_VERSION: "10.0.18" GLPI_SCHEMA_VERSION: "10.0.18@d64066799f068b16ee973b377bdd13f984fe062a" GLPI_MARKETPLACE_PRERELEASES: false GLPI_MIN_PHP: "7.4.0" GLPI_MAX_PHP: "8.4.0" GLPI_YEAR: "2025"
Libraries
htmlawed/htmlawed version 1.2.14 in (/var/www/html/glpi/vendor/htmlawed/htmlawed) phpmailer/phpmailer version 6.8.0 in (/var/www/html/glpi/vendor/phpmailer/phpmailer/src) simplepie/simplepie version 1.5.8 in (/var/www/html/glpi/vendor/simplepie/simplepie/library) tecnickcom/tcpdf version 6.8.0 in (/var/www/html/glpi/vendor/tecnickcom/tcpdf) michelf/php-markdown in (/var/www/html/glpi/vendor/michelf/php-markdown/Michelf) true/punycode in (/var/www/html/glpi/vendor/true/punycode/src) iamcal/lib_autolink in (/var/www/html/glpi/vendor/iamcal/lib_autolink) sabre/dav in (/var/www/html/glpi/vendor/sabre/dav/lib/DAV) sabre/http in (/var/www/html/glpi/vendor/sabre/http/lib) sabre/uri in (/var/www/html/glpi/vendor/sabre/uri/lib) sabre/vobject in (/var/www/html/glpi/vendor/sabre/vobject/lib) laminas/laminas-i18n in (/var/www/html/glpi/vendor/laminas/laminas-i18n/src) laminas/laminas-servicemanager in (/var/www/html/glpi/vendor/laminas/laminas-servicemanager/src) monolog/monolog in (/var/www/html/glpi/vendor/monolog/monolog/src/Monolog) sebastian/diff in (/var/www/html/glpi/vendor/sebastian/diff/src) donatj/phpuseragentparser in (/var/www/html/glpi/vendor/donatj/phpuseragentparser/src/UserAgent) elvanto/litemoji in (/var/www/html/glpi/vendor/elvanto/litemoji/src) symfony/console in (/var/www/html/glpi/vendor/symfony/console) scssphp/scssphp in (/var/www/html/glpi/vendor/scssphp/scssphp/src) laminas/laminas-mail in (/var/www/html/glpi/vendor/laminas/laminas-mail/src/Protocol) laminas/laminas-mime in (/var/www/html/glpi/vendor/laminas/laminas-mime/src) rlanvin/php-rrule in (/var/www/html/glpi/vendor/rlanvin/php-rrule/src) ramsey/uuid in (/var/www/html/glpi/vendor/ramsey/uuid/src) psr/log in (/var/www/html/glpi/vendor/psr/log/Psr/Log) psr/simple-cache in (/var/www/html/glpi/vendor/psr/simple-cache/src) psr/cache in (/var/www/html/glpi/vendor/psr/cache/src) league/csv in (/var/www/html/glpi/vendor/league/csv/src) mexitek/phpcolors in (/var/www/html/glpi/vendor/mexitek/phpcolors/src/Mexitek/PHPColors) guzzlehttp/guzzle in (/var/www/html/glpi/vendor/guzzlehttp/guzzle/src) guzzlehttp/psr7 in (/var/www/html/glpi/vendor/guzzlehttp/psr7/src) glpi-project/inventory_format in (/var/www/html/glpi/vendor/glpi-project/inventory_format/lib/php) wapmorgan/unified-archive in (/var/www/html/glpi/vendor/wapmorgan/unified-archive/src) paragonie/sodium_compat in (/var/www/html/glpi/vendor/paragonie/sodium_compat/src) symfony/cache in (/var/www/html/glpi/vendor/symfony/cache) html2text/html2text in (/var/www/html/glpi/vendor/html2text/html2text/src) symfony/css-selector in (/var/www/html/glpi/vendor/symfony/css-selector) symfony/dom-crawler in (/var/www/html/glpi/vendor/symfony/dom-crawler) twig/twig in (/var/www/html/glpi/vendor/twig/twig/src) twig/string-extra in (/var/www/html/glpi/vendor/twig/string-extra) symfony/polyfill-ctype not found symfony/polyfill-iconv not found symfony/polyfill-mbstring not found symfony/polyfill-php80 not found symfony/polyfill-php81 not found symfony/polyfill-php82 in (/var/www/html/glpi/vendor/symfony/polyfill-php82) league/oauth2-client in (/var/www/html/glpi/vendor/league/oauth2-client/src/Provider) league/oauth2-google in (/var/www/html/glpi/vendor/league/oauth2-google/src/Provider) thenetworg/oauth2-azure in (/var/www/html/glpi/vendor/thenetworg/oauth2-azure/src/Provider) phpCas version 1.6.0 in (/usr/share/php/CAS/source)
LDAP directories
Server: 'imr-rm-dc01.imprendiroma.local', Port: '389', BaseDN: 'DC=imprendiroma,DC=local', Connection filter: none, RootDN: 'CN=glpi,OU=Imprendiroma Service Accounts,DC=imprendiroma,DC=local', Use TLS: none
SQL replicas
Not active
Notifications
Way of sending emails: SMTP+OAUTH ([email protected]@smtp.office365.com)
Plugins list
behaviors Name: Behaviours Version: 2.7.3 State: Enabled
Install Method: Marketplace oauthimap Name: Oauth IMAP Version: 1.4.3 State: Enabled
Install Method: Marketplace timelineticket Name: Timeline of tickets Version: 10.0+1.2 State: Enabled
Install Method: Marketplace
Anything else?
Please do not hide this kind of information in the ALL section, it's frustrating to troubleshoot when even the menus do not collaborate.
This issue do not happen on new and clean GLPI instances that have email followup yet to be configured.
The workaround to fix this issue and successfully migrate from SMTP AUTH to SMTPOAUTH is to override the SMTP AUTH credentials, as when i tried to put a random not correct password in the SMTP AUTH PASSWORD field and saved, the SMTP OAUTH test email worked.
