Solved

POP3 failed logins Exchange 2010

Posted on 2013-01-06
11
552 Views
Last Modified: 2013-01-10
Hello Experts Exchange

I have an issue with pop3 logins in an Exchange 2010 DAG environment.   WE have two servers holding the Mailbox Server role and one holding the CAS and Hub Transport roles.  The passive Mailbox server is in another site, there is no firewall in between.

Everything works fine when mailboxes are on the active mailbox database but were failing recently.  Upon logging into the Exchange Management Console we noticed that the Exchange server had failed over to the copy mailbox server.  Once we moved the active copy back the the original server pop3 logins worked again.

To test I have created a single instance database and mailbox on the passive copy server and pop3 logins fail with the error "-ERR Login Failure. Unknown Username or password"

Help much appreciated.
0
Comment
Question by:stives1974
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
11 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38750443
Are your mailbox servers in different subnets ?

Did OWA continue to work ?
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38750486
Do we have a GC on the other site ?
Ideally its said that any Active site should have the CAS for login

Also ensure if from the Second site you can telnet with port for POP3 to the CAS server

- Rancy
0
 

Author Comment

by:stives1974
ID: 38750639
Thanks for the responses.

I can telnet to the cas server on port 110 from the secondary site and get the banner
+OK The Microsoft Exchange POP3 service is ready.

Webmail still works.

The mailbox and cas server are in different subnets.

There is a GC in both sites.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 37

Accepted Solution

by:
ArneLovius earned 500 total points
ID: 38750996
are the two physical sites different AD sites ?

If they are different AD sites, you need need a CAS role at the secondary site
0
 

Author Comment

by:stives1974
ID: 38751061
They are in different AD sites.  Is this a requirement for pop3?  Normal mapi email works ok for the mailbox on the secondary site.
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 38753029
Yes.  "every site with a Exchange server with mailbox server role installed needs a CAS, period."
Check this link:

http://www.petri.co.il/forums/showthread.php?t=44521
0
 

Author Comment

by:stives1974
ID: 38762895
Many thanks, installing a local CAS box fixed the issue.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38765146
I do not understand the complaint from Rancy.

My post 38750996 is the first post to question there being a second AD site, and to state the requirement for a CAS server.

The post from Rancy included two questions that were not relevant to the issue, however "Ideally its said" is not stating a requirement.

I would suggest 3) keeping the answer as is.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38765853
ID: 38750486

Ideally its said that any Active site should have the CAS for login

- Rancy
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38765888
@Rancy

The part you have highlighted does not say Active Directory, I do not disagree that it could be implied, but from the original post it was just physical sites that had been mentioned.

You said Ideally this would indicate a "nice to have" rather than a "must have" which is the case.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month10 days, 20 hours left to enroll

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question