About Me

My photo
TsooRad is a blog for John Weber. John was a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.


IMAP fails Exchange 2010

The Situation/Problem

E2007 migration to E2010.  Client needs IMAP to work for some high-powered clientele – this thing really needs to be SSL also.  E2007 is working as required, so E2010 should slam dunk this requirement, right?  Wrong!

Using a CASArray, so I configured a Thunderbird to go right at a CAS; nope….no good.

Changed the CAS to plaintextlogin (set-imapsettings –logintype plaintextlogin) – still no go.  Restarted services and spattered the sacred IT Chicken Blood on the nearest wall.  We were also seeing weird results in password types – Thunderbird will “probe” the target server for you – which resulted in Kerberos/GSSAPI as the auth choice – no, that is wrong, we want SSL and regular text password.  Double checked the e2007 server and determined that the e2010 IMAP was configured identically to the E2007.

Double checked that I had changed the IMAP SSL certificate on both CAS array members correctly… (Set-ImapSettings -server Server01 -X509CertificateName CertificateName01) - You do know about the x509 and IMAP SSL thing, right?

I just wasted 3 hours of my life over this….

The Fix

Then this was found on the forums…You must be kidding me! So here is what fixed my issue:

Open the file at

C:\program files\Microsoft\Exchange Server\V14\ClientAccess\PopImap\Microsoft.Exchange.Imap4.exe.config

I went to bottom of the <dependentAssembly> as shown here:


And inserted what was indicated.  Note that I have four lines of additions there, so what you see below is wrapped.  However, I have also cleverly given you an example to follow.  How thoughtful of me, eh?

<assemblyIdentity name="Microsoft.Exchange.Compliance" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<codeBase version="" href="
file:///C:\Program Files\Microsoft\Exchange Server\V14\bin\Microsoft.Exchange.Compliance.dll" />

After restarting the IMAP service on the CAS, everything worked ok.  Changed IMAP back to “SecureLogin” – still good.

Now, I did not try the POP fix as that was not needed for my client environment…


1 comment:

Rachel Burr said...

Thanks for this i have bookmark the guide just incase i ever have to do this again next time my server crashes cheap wildcard ssl

Sfb 2019 July 2019 CU

Script to update sfb 2019 install to enable the new control panel contained in the SfB July 2019 CU. Add-WindowsFeature RSAT-ADDS, Web-Serve...