Fix #2251837; better response when provisioning is required.
* Currently, we validate EAS accounts using a command that will
succeed even if we do not support required security policies.
* This causes a confusing "invalid username or password" error
when trying to sync with a validated account in the case that
there are, in fact, required policies
* The fix is to send a sync command after validating the user name
and password; a 403 error indicates the requirement for
* When we see the 403 error, we put up a message that is appropriate
to the situation.
2 files changed