2

I am having serious issue during coexistence between exchange 2010 and 2013, authentication failed when attempting to connect through IMAP, I will write the environment and the logs in points so that the description of the issue will be clear for everyone.

  • The environment has 2 exchange 2013 servers CU10 SP1, each server has combined (CAS+MBX) installed, and coexist with legacy exchange servers (exchange 2010)
  • Exchange 2013 servers installed on windows 2012 servers
  • No firewall between exchange servers and clients
  • Exchange 2010 mailboxes can connect to their mailboxes through IMAP just fine without any issue
  • Exchange 2013 mailboxes cannot connect through IMAP (NO LOGON failed)
  • Mailboxes needs to connect to port 143 (not 993)
  • IMAP4 and IMAP4BE services are running in both exchange 2013 servers
  • Get-servercomponentstate shows that ImapProxy is active
  • Get-healthreport shows that IMAP is in Unhealthy state (the reason is NO LOGIN failed)

    telnet <exchange_server> 143
    The Microsoft Exchange IMAP4 service is ready.
    ? login <user> <password>
    NO LOGIN failed

  • The output of the command (get-imapsettings) is as follow:

RunspaceId                        : a63b58c4-7fa3-42cb-a270-cdcf91032853
ProtocolName                      : IMAP4
Name                              : 1
MaxCommandSize                    : 10240
ShowHiddenFoldersEnabled          : False
UnencryptedOrTLSBindings          : {[::]:143, 0.0.0.0:143}
SSLBindings                       : {0.0.0.0:993, [::]:993}
InternalConnectionSettings        : {SHUEXCH02.mydomain.com:993:SSL, SHUEXCH02.mydomain.com:143:TLS}
ExternalConnectionSettings        : {}
X509CertificateName               : shuexch02
Banner                            : The Microsoft Exchange IMAP4 service is ready.
LoginType                         : PlainTextLogin
AuthenticatedConnectionTimeout    : 00:30:00
PreAuthenticatedConnectionTimeout : 00:01:00
MaxConnections                    : 2147483647
MaxConnectionFromSingleIP         : 2147483647
MaxConnectionsPerUser             : 16
MessageRetrievalMimeFormat        : BestBodyFormat
ProxyTargetPort                   : 143
CalendarItemRetrievalOption       : iCalendar
OwaServerUrl                      :
EnableExactRFC822Size             : False
LiveIdBasicAuthReplacement        : False
SuppressReadReceipt               : False
ProtocolLogEnabled                : True
EnforceCertificateErrors          : False
LogFileLocation                   : C:\Program Files\Microsoft\Exchange Server\V15\Logging\Imap4
LogFileRollOverSettings           : Daily
LogPerFileSizeQuota               : 0 B (0 bytes)
ExtendedProtectionPolicy          : None
EnableGSSAPIAndNTLMAuth           : False
Server                            : SHUEXCH02
AdminDisplayName                  :
ExchangeVersion                   : 0.10 (14.0.100.0)
DistinguishedName                 : CN=1,CN=IMAP4,CN=Protocols,CN=SHUEXCH02,CN=Servers,CN=Exchange Administrative
                                    Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=domain,CN=Microsoft
                                    Exchange,CN=Services,CN=Configuration,DC=mydomain,DC=com, Identity                          : SHUEXCH02\1
Guid                              : d72d0ee4-0711-4769-9174-bb7f76f25316
ObjectCategory                    : mydomain.com
/Configuration/Schema/ms-Exch-Protocol-Cfg-IMAP-Server
ObjectClass                       : {top, protocolCfg, protocolCfgIMAP, protocolCfgIMAPServer}
WhenChanged                       : 2/28/2016 11:20:42 AM
WhenCreated                       : 10/26/2015 3:20:34 PM
WhenChangedUTC                    : 2/28/2016 8:20:42 AM
WhenCreatedUTC                    : 10/26/2015 12:20:34 PM
OrganizationId                    :
Id                                : SHUEXCH02\1
OriginatingServer                 : SHUDC01.mydomain.com
IsValid                           : True
ObjectState                       : Unchanged
  • IMAP Logs show that :
16-02-**29T00:02:43.161Z,00000000000007AD,2,127.0.0.1:993,127.0.0.1:14599,HealthMailbox7a89f888474b4e78a0e67922c9f73846,43,72,87,login,HealthMailbox7a89f888474b4e78a0e67922c9f73846@mydomain.com  *****,"R=""z NO [Error=ProxyNotAuthenticated Proxy=SHUEXCH01.mydomain.com:143:SSL] LOGIN failed."";Msg=Proxy:SHUEXCH01.mydomain.com:143:SSL;ErrMsg=ProxyNotAuthenticated"
2016-02-**29T00:02:43.161Z,00000000000007AD,3,127.0.0.1:993,127.0.0.1:14599,HealthMailbox7a89f888474b4e78a0e67922c9f73846,0,0,0,CloseSession,,

Hope these information contains all the informations you need

Please anyone can help me solving this issue

sysadmin1138
  • 131,083
  • 18
  • 173
  • 296
naji
  • 41
  • 1
  • 3

2 Answers2

2

I fixed the issue after I change the proxytargetport to 9933

set-ImapSettings –ProxyTargetPort 9933

Afterwards, you need to restart IMAP services.

naji
  • 41
  • 1
  • 3
0

If you have Exchange 2016, you will need to run the following

Set-IMAPSettings -EnableGSSAPIAndNTLMAuth $false

https://docs.microsoft.com/en-us/exchange/troubleshoot/client-connectivity/imap-clients-logon-fail-coexist-exchange

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940