Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1374
  • Last Modified:

Configure POP3 Service in Exchange Server 2003 SP2 - Microsoft Cluster Environment

We are using Microsoft Exchange 2003 SP2 in a Windows Server 2003 R2 SP2 Cluster Environment and mail is working fine. Users are connecting from Outlook via Exchange to the server.

Now, we have a new requirement, the users must be able to access mailboxes using a POP3 client as well. We do not want to stop our current mode of user connection just add the option to use POP3. The server is been running beautifully for one full year and POP3 has never been configured.

Please let me know what steps should I take, please specially highlight the steps related to the fact that it is a Windows Server 2003 R2 SP2 Microsoft Cluster Environment.
0
camilorgp
Asked:
camilorgp
  • 11
  • 6
  • 3
  • +1
2 Solutions
 
bhnmiCommented:
I have never operated a clustered exchange group. But I am sure it is as easy as turning on pop3. You also need to make sure the user has POP3 access enabled, the users properties on the exchange general tab. I am assuming that they will also need to send mail, so you will have to open up tour SMTP server to allow relays from authenticated clients if you haven't already.
0
 
camilorgpAuthor Commented:
My concern about my environment being a Windows Server 2003 R2 SP2 Cluster Environment stems from these two Microsoft articles
http://technet.microsoft.com/en-us/library/bb124467.aspx
http://support.microsoft.com/kb/824127

Does any of these apply to my environment? If so why?
This is the reason why I think I need an Exchange guru with Cluster Environment experience here.

0
 
bhnmiCommented:
Well, it looks pretty straight forward. But it cant hurt to wait for some who has already done this.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
SembeeCommented:
Are you using a frontend server? If you are then turn pop3 on there. If you are not, then why not? That is my usual recommendation on a cluster. Causes a lot less problems with remote access - single point of entry etc.

Simon.
0
 
camilorgpAuthor Commented:
Hello Sembee,

I have a front end server that right now is servicing OWA. So, your recommendation is that instead of enabling the POP3 service in the cluster environment, to do it in the stand alone front end server that is servicing OWA right now?

If that is the case, please have in mind that the mailboxes are in the backend cluster server, any additional recommendations apart from pushing the start button in the POP3 service in the OWA (front-end) server?
0
 
SembeeCommented:
POP3 with frontend works in the same way as OWA does. It is a proxy. Therefore if you already have the frontend in place, change the service from disabled to automatic, open the port and off you go. Nothing else to be done.

Simon.
0
 
camilorgpAuthor Commented:
I just enabled the POP3 service in the front-end server, and when I try to connect with a POP3 client I get this error:
There was a problem logging onto your mail server. Your Password was rejected. Account: 'X.X.X.X', Server: 'X.X.X.X', Protocol: POP3, Server Response: '-ERR No connection could be made because the target machine actively refused it.', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC92

Any ideas?
0
 
camilorgpAuthor Commented:
Also, I checked the password and it works via OWA for the same user.
0
 
SembeeCommented:
What format are you using for the username?

Simon.
0
 
camilorgpAuthor Commented:
just the username, here is a transcript of a "telnet server 110" session:

+OK Microsoft Exchange Server 2003 POP3 server version 6.5.7638.1 (server.domain) ready.
user test.user
+OK
pass XXXX
-ERR No connection could be made because the target machine actively refused it.

0
 
camilorgpAuthor Commented:
Sembee,

Are you sure that the POP3 service doesn't have to be enabled in the backend server as well?
0
 
SembeeCommented:
The username format is wrong.
It should be domain\user\alias

So if the domain is company, the user is jsmith and the alias (aka mailbox) is john.smith, then it will be

company\jsmith\john.smith

Simon.
0
 
camilorgpAuthor Commented:
Definitely that's not it.

Here is a transcript of a new "telnet server 110" session:

+OK Microsoft Exchange Server 2003 POP3 server version 6.5.7638.1 (server.domain) ready.
user mydomain\test.user\test.user
+OK
pass XXXX
-ERR No connection could be made because the target machine actively refused it.

Please note that in my server the user logon name and alias are the same for all users.

Please consider my comment that maybe the POP3 service at the front-end server merely relays calls for the POP3 service at the backend service, hence the POP3 service at the back-end server should be enabled. Could this be the issue?
0
 
bhnmiCommented:
I if you enable it does it work? anything in the security log on the frontend server?
0
 
camilorgpAuthor Commented:
The issue at hand originally was that my backend server is a cluster environment, and that I don't want to mess with it unless it is absolutely necessary. Now if it turns out that I have to enable the POP3 service in my Cluster Environment then we have to start over and tackle my first question. So first I need Sembee to reconsider his position and rethink my question.
0
 
SembeeCommented:
Having just gone through the FE/BE white paper, it actually says nothing about enabling the service on the backend. However checking a working site, that does show the service is enabled on all of the servers. The clients connect to the frontend and Exchange sorts out where the connection is made. The service is literally just enabled as the other Exchange services, and changed to automatic so that it starts. You do not touch the configuration in any way.

I haven't built a fe/be for 18 months, rarely do these days, I tend to get brought in to clean them up and usually find everything has already been enabled.

Important point - do NOT enforce SSL certificate support on the POP3 service at the backend, as that will stop it from working off the frontend. Similar rule applies to OWA if anyone else is reading this.

Simon.
0
 
trturner123Commented:
I believe you have to enable POP3 on both the front-end and back-end servers for it to work correctly.

Also, to enable POP3 on a cluster, you have to do the following:
 - Enable the MS Exchange POP3 Service on ALL cluster nodes.
 - Add the cluster resource:  
      - Using Cluster Administrator, right-click on the cluster group and then New Resource.  Configure the resource (using MS Exchange POP3 Service as the resource type).  
      - Then select any nodes that will be possible owners of the service.
      - Finally, select MS System Attendant as a dependency.

That should do it.
0
 
camilorgpAuthor Commented:
Hello trturner123,

Makes sense to me.
There is only one thing that concerns me and it is this article from Microsoft.
http://technet.microsoft.com/en-us/library/bb124467.aspx

I can't make any sense out of it any comments on that, or should I just ignor it?
0
 
SembeeCommented:
That article is for a cluster in a security hardened environment. Has yours been secured like that?

Simon.
0
 
camilorgpAuthor Commented:
Excelent question Sembee,

I have been reading through the documents about this "Security Hardened Environment" and since I don't recognize the procedures I think it is safe to assume that my environment haven't been secured like this. Which means that I can safely ignor the comments from the Microsoft article
http://technet.microsoft.com/en-us/library/bb124467.aspx

To me it seems that Sembee did most of the work here, but since trturner123 was the one that made the comments trun towards the Cluster Environment issues, I will split the points, half each. I will try to make the changes and if something comes up I will open a new question.

Thanks.

0
 
camilorgpAuthor Commented:
Just in case anyone finds this question helpful, I want to let you know that I just implemented the answer and it works like a charm! Cheers!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 11
  • 6
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now