Link to home
Start Free TrialLog in
Avatar of blaze2342
blaze2342

asked on

Cannot get IMAP4 service to start

We are running Exchange 2010 on a Server 2008R2 box.  Everything else seems to be running fine but for some reason I cannot get the IMAP4 service to start.  I'm not seeing any meaningful errors in the event log.  If you click start it says

Windows could not start the Microsoft Exchange IMAP4 service on Local Computer.  Error 1053: The service did not respond to the start or control request in a timely fashion.
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

Are your users using IMAP ? If not why do you want it started .... in my environment we dont have any IMAP or POP users so i simply disabled and kept the service like that :)

Was Exchange installed without issues ?
What is the Exchange 2010 version ?

- Rancy
Avatar of blaze2342
blaze2342

ASKER

We have archiving with McAfee (formerly MXLogic).  The service uses a journaling mailbox on our service and IMAP to send archive copies of emails to the Mcafee server.
Was this service working before ?
Did you try to restart the server and check ?

What is the exchnage server version ?

- Rancy
We had some DNS issues a week ago that we cleaned up and this turned up after.  The service was running for nearly a year beforehand.  Server has been rebooted many times.  Exchange 2010 version 14.2 (build 247.5).  Looks like we have at least Rollup 3 installed.  Looks like rollup 4 v2 is available.  I can apply that and see if it helps.
I dont think RU will help i was more looking for SP to assist as it kind of helps with such stuff ...... DO you have any other server where IMAP is working

- Rancy
I have an exchange 2007 server for a different client.
Can you reapply a service pack?
Actually I do have a colleage that is running exchange 2010.. what are your thoughts?
Yes you can reapply the SP but i dont want something more to break on this machine.

You say no logs in event increase the logging on IMAP and lets check.
I was asking if we can have this server use another IMAP server in the same Environment.

- Rancy
I turned logging on IMAP4 up to expert.. tried to start the imap4 service and still dont see anythign new in the event logs.  Should I turn it up somewhere else?
I think if you turned to Expert thats it ..

Check for the service and the .exe it requires and is there ?

- Rancy
The serivce points to C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\PopImap\Microsoft.Exchange.Imap4Service.exe

It is there.  I might call me buddy and see if he can send me a copy of this file.. maybe its corrupt or something stupid like that.
Could it be the logon account for the service?  It was originally network service... I switched it to local system.. i could create one but am not really sure what permissions it needs.
Check the version of the file and ensure to compare his and yours.

Please change it and lets check ... possible never finger something we dont know

- Rancy
ASKER CERTIFIED SOLUTION
Avatar of 172pilotSteve
172pilotSteve
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
[PS] C:\Windows\system32>Get-ImapSettings | fl


RunspaceId                        : 4dcc4474-67a1-4c6d-b5d1-0d763e0524f2
ProtocolName                      : IMAP4
Name                              : 1
MaxCommandSize                    : 10240
ShowHiddenFoldersEnabled          : False
UnencryptedOrTLSBindings          : {0.0.0.0:143}
SSLBindings                       : {0.0.0.0:993}
InternalConnectionSettings        : {RANDY.rdu.ei1.com:993:SSL, RANDY.rdu.ei1.com:143:TLS}
ExternalConnectionSettings        : {}
X509CertificateName               : mail.ei1.com
Banner                            : The Microsoft Exchange IMAP4 service is ready.
LoginType                         : PlainTextLogin
AuthenticatedConnectionTimeout    : 00:30:00
PreAuthenticatedConnectionTimeout : 00:01:00
MaxConnections                    : 2147483647
MaxConnectionFromSingleIP         : 2147483647
MaxConnectionsPerUser             : 16
MessageRetrievalMimeFormat        : BestBodyFormat
ProxyTargetPort                   : 143
CalendarItemRetrievalOption       : iCalendar
OwaServerUrl                      :
EnableExactRFC822Size             : False
LiveIdBasicAuthReplacement        : False
SuppressReadReceipt               : False
ProtocolLogEnabled                : False
EnforceCertificateErrors          : False
LogFileLocation                   : C:\Program Files\Microsoft\Exchange Server\V14\Logging\Imap4
LogFileRollOverSettings           : Daily
LogPerFileSizeQuota               : 0 B (0 bytes)
ExtendedProtectionPolicy          : None
EnableGSSAPIAndNTLMAuth           : True
Server                            : RANDY
AdminDisplayName                  :
ExchangeVersion                   : 0.10 (14.0.100.0)
DistinguishedName                 : CN=1,CN=IMAP4,CN=Protocols,CN=RANDY,CN=Servers,CN=Exchange Administrative Group (FY
                                    DIBOHF23SPDLT),CN=Administrative Groups,CN=EIGroup,CN=Microsoft Exchange,CN=Service
                                    s,CN=Configuration,DC=rdu,DC=ei1,DC=com
Identity                          : RANDY\1
Guid                              : c43e9589-3476-4dde-ab9d-510d8876ea08
ObjectCategory                    : rdu.ei1.com/Configuration/Schema/ms-Exch-Protocol-Cfg-IMAP-Server
ObjectClass                       : {top, protocolCfg, protocolCfgIMAP, protocolCfgIMAPServer}
WhenChanged                       : 11/12/2012 3:11:37 PM
WhenCreated                       : 10/21/2011 10:17:25 AM
WhenChangedUTC                    : 11/12/2012 8:11:37 PM
WhenCreatedUTC                    : 10/21/2011 2:17:25 PM
OrganizationId                    :
OriginatingServer                 : KYLE.rdu.ei1.com
IsValid                           : True



[PS] C:\Windows\system32>
Bindings are All Available IPv4 port 143 and 993.  IPv6 was disabled.. I dont remember why but I feel like it was an OWA or BES issue.
OK - Two things..

First, it's a long-shot, but it looks like you've got the IPv6 bindings disabled (ie, there's no bindings shown)..  Technicallly, it shouldn't NEED it, but I've seen problems with various Exchange components when IPv6 is disabled.  I'd re-enable it (you dont have to configure it), and if you really have a problem with it and dont want it to work, block it in the firewall.

Second, I see the x509certificatename is "mail.eil.com" - Do a "get-ExchangeCertificate" on your CAS server, and you should see the certificate with the "I" next to it under Services should be the one with the CN of mail.eil.com.  Then if you do the
"get-exchangeCertificate | FL"
you should see that on that certificate, your certificatedomains should include the "RANDY.rdu.ei1.com" domain that is in your bindings.

You also might want to do a "set-imapSettings -LoginType SecureLogin" - I'm not sure that's needed, but that's how mine is set.

Check the event viewer application log too, just in case there's  a new clue!
OK..  So, with the IPv6 thing, is it turned on for the NIC, and just disabled in imap then?  That should be fine, but I seem to remember having some services that wont start at all if IPv6 isn't at least enabled on the NIC.
One more thought - Are all your servers in the same site?  If you're trying to do IMAP cross-site, it will try to proxy the IMAP, and I see you've got a proxy port of 143
Its disabled on the NIC.  I'll add it back.
Yea they are in the same site
im not really sure how to get the ipv6 back into the binding screen in EMC
mail.ei1.com is our public address for OWA

here is teh get-exchangecertificate


[PS] C:\Windows\system32>Get-ExchangeCertificate

Thumbprint                                Services   Subject
----------                                --------   -------
60675BD52F0C13507C6AF0CCAF86325F699EA889  ....S.     CN=randy.rdu.ei1.com, OU=Domain Validated, OU=Thawte SSL123 cer...
CBC9F7217C7AF339784379E1EF0210A03F73C4F7  IP.WS.     CN=mail.ei1.com, OU=Domain Validated, OU=Thawte SSL123 certific...


[PS] C:\Windows\system32>
we dont use ssl on the imap btw
Oh..  sorry..  nevermind ALL that cert stuff then - If you're not doing SSL..  I guess I am confused and need to re-read the original problem!!    (I am probably just having bad flashbacks to when I had to get IMAP working here, with SSL, cross sites, and cross Exchange versions.. wasn't fun!!)   :-)

Also, nevermind about the SecureLogin thing too then - ClearText is appropriate!

SO..

That does bring up a question though - IF you dont intend to use SSL, then it might be failing anyway if the certificate isn't setup right..  Can you try to go into the Exchange Management Console, Server Configuration \ CAS Servers, choose the CAS up on top, and pick the POP3/IMAP pane on the bottom..  Then, double-click on IMAP4, and remove the secure bindings from the bottom pane?  That should make it stop trying to bind to those ports completely..
I got this warning when I tried to remove the ssl bindings.

--------------------------------------------------------
Microsoft Exchange Warning
--------------------------------------------------------
The following warning(s) occurred while saving changes:

Set-ImapSettings
Completed

Warning:
The port number specified for InternalConnectionSettings does not match the port number specified for UnEncryptedOrTLSBindings/SSLBindings. IMAP4 clients might not be able to connect to the service. Use the Get-ImapSettings and Set-ImapSettings cmdlets to verify and correct this problem.


--------------------------------------------------------
OK
--------------------------------------------------------
It's complaining about this:
InternalConnectionSettings        : {RANDY.rdu.ei1.com:993:SSL, RANDY.rdu.ei1.com:143:TLS}

You might be able to just do:

set-ImapSettings -InternalConnectionSettings randy.rdu.ei1.com:143

I dont think you'd want that TLS on there, since you dont have a cert associated with it anymore, but if it doesn't work without, try it with...  The main goal would be to get rid of the SSL entry.  By the way - If you needed to UNDO this, the syntax is like this:

set-ImapSettings -InternalConnectionSettings randy.rdu.ei1.com:143:TLS,randy.rdu.ei1.com:993:SSL

In otherwords, no spaces in the list of connection types, and just a comma in between..  That wasn't obvious to me, and I kept trying to put in the curly braces or quotes, and never got it to work..
I'll give this a try and let you know how it goes.
Applied Exchange 2010 SP3 and the issue went away.