E2007 migration to E2010. Client needs IMAP to work for some high-powered clientele – this thing really needs to be SSL also. E2007 is working as required, so E2010 should slam dunk this requirement, right? Wrong!
Using a CASArray, so I configured a Thunderbird to go right at a CAS; nope….no good.
Changed the CAS to plaintextlogin (set-imapsettings –logintype plaintextlogin) – still no go. Restarted services and spattered the sacred IT Chicken Blood on the nearest wall. We were also seeing weird results in password types – Thunderbird will “probe” the target server for you – which resulted in Kerberos/GSSAPI as the auth choice – no, that is wrong, we want SSL and regular text password. Double checked the e2007 server and determined that the e2010 IMAP was configured identically to the E2007.
Double checked that I had changed the IMAP SSL certificate on both CAS array members correctly… (Set-ImapSettings -server Server01 -X509CertificateName CertificateName01) - You do know about the x509 and IMAP SSL thing, right?
I just wasted 3 hours of my life over this….
Then this was found on the forums…You must be kidding me! So here is what fixed my issue:
Open the file at
C:\program files\Microsoft\Exchange Server\V14\ClientAccess\PopImap\Microsoft.Exchange.Imap4.exe.config
I went to bottom of the <dependentAssembly> as shown here:
And inserted what was indicated. Note that I have four lines of additions there, so what you see below is wrapped. However, I have also cleverly given you an example to follow. How thoughtful of me, eh?
<assemblyIdentity name="Microsoft.Exchange.Compliance" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<codeBase version="18.104.22.168" href="file:///C:\Program Files\Microsoft\Exchange Server\V14\bin\Microsoft.Exchange.Compliance.dll" />
After restarting the IMAP service on the CAS, everything worked ok. Changed IMAP back to “SecureLogin” – still good.
Now, I did not try the POP fix as that was not needed for my client environment…
Thanks for this i have bookmark the guide just incase i ever have to do this again next time my server crashes cheap wildcard ssl
Post a Comment