POP3 failed logins Exchange 2010

Hello Experts Exchange

I have an issue with pop3 logins in an Exchange 2010 DAG environment.   WE have two servers holding the Mailbox Server role and one holding the CAS and Hub Transport roles.  The passive Mailbox server is in another site, there is no firewall in between.

Everything works fine when mailboxes are on the active mailbox database but were failing recently.  Upon logging into the Exchange Management Console we noticed that the Exchange server had failed over to the copy mailbox server.  Once we moved the active copy back the the original server pop3 logins worked again.

To test I have created a single instance database and mailbox on the passive copy server and pop3 logins fail with the error "-ERR Login Failure. Unknown Username or password"

Help much appreciated.
stives1974Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ArneLoviusConnect With a Mentor Commented:
are the two physical sites different AD sites ?

If they are different AD sites, you need need a CAS role at the secondary site
0
 
ArneLoviusCommented:
Are your mailbox servers in different subnets ?

Did OWA continue to work ?
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Do we have a GC on the other site ?
Ideally its said that any Active site should have the CAS for login

Also ensure if from the Second site you can telnet with port for POP3 to the CAS server

- Rancy
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
stives1974Author Commented:
Thanks for the responses.

I can telnet to the cas server on port 110 from the secondary site and get the banner
+OK The Microsoft Exchange POP3 service is ready.

Webmail still works.

The mailbox and cas server are in different subnets.

There is a GC in both sites.
0
 
stives1974Author Commented:
They are in different AD sites.  Is this a requirement for pop3?  Normal mapi email works ok for the mailbox on the secondary site.
0
 
Rick HobbsRETIREDCommented:
Yes.  "every site with a Exchange server with mailbox server role installed needs a CAS, period."
Check this link:

http://www.petri.co.il/forums/showthread.php?t=44521
0
 
stives1974Author Commented:
Many thanks, installing a local CAS box fixed the issue.
0
 
ArneLoviusCommented:
I do not understand the complaint from Rancy.

My post 38750996 is the first post to question there being a second AD site, and to state the requirement for a CAS server.

The post from Rancy included two questions that were not relevant to the issue, however "Ideally its said" is not stating a requirement.

I would suggest 3) keeping the answer as is.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
ID: 38750486

Ideally its said that any Active site should have the CAS for login

- Rancy
0
 
ArneLoviusCommented:
@Rancy

The part you have highlighted does not say Active Directory, I do not disagree that it could be implied, but from the original post it was just physical sites that had been mentioned.

You said Ideally this would indicate a "nice to have" rather than a "must have" which is the case.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.