About Me

My photo
These are blogs for John Weber. One of my joys in life is helping others get ahead in life. Content here will be focused on that from this date forward. John was a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). I used to write a variety of articles (https://tsoorad.blogspot.com) on technical issues with a smattering of other interests. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. The opinions expressed on this blog are mine and mine alone.


IMAP fails Exchange 2010

The Situation/Problem

E2007 migration to E2010.  Client needs IMAP to work for some high-powered clientele – this thing really needs to be SSL also.  E2007 is working as required, so E2010 should slam dunk this requirement, right?  Wrong!

Using a CASArray, so I configured a Thunderbird to go right at a CAS; nope….no good.

Changed the CAS to plaintextlogin (set-imapsettings –logintype plaintextlogin) – still no go.  Restarted services and spattered the sacred IT Chicken Blood on the nearest wall.  We were also seeing weird results in password types – Thunderbird will “probe” the target server for you – which resulted in Kerberos/GSSAPI as the auth choice – no, that is wrong, we want SSL and regular text password.  Double checked the e2007 server and determined that the e2010 IMAP was configured identically to the E2007.

Double checked that I had changed the IMAP SSL certificate on both CAS array members correctly… (Set-ImapSettings -server Server01 -X509CertificateName CertificateName01) - You do know about the x509 and IMAP SSL thing, right?

I just wasted 3 hours of my life over this….

The Fix

Then this was found on the forums…You must be kidding me! So here is what fixed my issue:

Open the file at

C:\program files\Microsoft\Exchange Server\V14\ClientAccess\PopImap\Microsoft.Exchange.Imap4.exe.config

I went to bottom of the <dependentAssembly> as shown here:


And inserted what was indicated.  Note that I have four lines of additions there, so what you see below is wrapped.  However, I have also cleverly given you an example to follow.  How thoughtful of me, eh?

<assemblyIdentity name="Microsoft.Exchange.Compliance" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<codeBase version="" href="
file:///C:\Program Files\Microsoft\Exchange Server\V14\bin\Microsoft.Exchange.Compliance.dll" />

After restarting the IMAP service on the CAS, everything worked ok.  Changed IMAP back to “SecureLogin” – still good.

Now, I did not try the POP fix as that was not needed for my client environment…


1 comment:

Rachel Burr said...

Thanks for this i have bookmark the guide just incase i ever have to do this again next time my server crashes cheap wildcard ssl

test 02 Feb

this is a test it’s only a test this should be a picture