Microsoft KB Archive/306874

From BetaArchive Wiki
Knowledge Base


Article ID: 306874

Article Last Modified on 2/27/2007


APPLIES TO

  • Microsoft Exchange 2000 Server Standard Edition


This article was previously published under Q306874


SYMPTOMS

In a front-end and back-end environment, an Internet Message Access Protocol, Version 4rev1 (IMAP4) or Post Office Protocol version 3 (POP3) client (such as Microsoft Outlook Express) may not be able to authenticate logon credentials with the front-end server by using NTLM (or SPA). The client may prompt for authentication continuously.

CAUSE

Front-end servers do not support NTLM authentication because it requires a persistent connection. The front-end servers reuse connections as necessary. However, basic authentication is supported.

When you use Exchange 2000, this problem can occur because front-end IMAP4 or POP3 servers incorrectly advertise NTLM authentication. Exchange 2000 Service Pack 1 does not advertise NTLM, which allows the client program to indicate that the authentication is not supported or did not work. Installing Exchange 2000 Service Pack 1 does not change this aspect of the behavior of back-end servers.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

301378 XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack


STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server. This problem was first corrected in Microsoft Exchange 2000 Service Pack 1.

MORE INFORMATION

You can test the behavior difference between an Exchange 2000 server and a server on which Exchange 2000 Service Pack 1 is applied. To do so, use the telnet utility:

  • For IMAP4:

    1. Connect to port 143 of the Exchange 2000 server.
    2. Type the CAPABILITY command.
    With Exchange 2000 SP1 installed on the front-end server, NTLM is not in the response.
  • For POP3:

    1. Connect to port 110 of the Exchange 2000 server.
    2. Type the AUTH command.
    With Exchange 2000 SP1 installed, the front-end server does not have NTLM as its response.

When the client connects to a front-end server that is running Exchange 2000 SP1 or later, the behavior of the client program changes; the client indicates that authentication did not work. For example, Outlook Express displays the following error messages:

  • For POP3 connection:

    Unable to logon to the server using Secure Password Authentication. Account: 'user-account', Server: 'server-name', Protocol: POP3, Server Response: '.', Port: 110, Secure(SSL): No, Error Number: 0x800CCC18

  • For IMAP connection:

    Your 'Inbox' folder was not polled for its unread count. General authentication failed. None of the authentication methods supported by your IMAP server (if any) are supported on this computer. Account: 'user-account', Server: 'server-name', Protocol: IMAP, Server Response: , Port: 143, Secure(SSL): No, Error Number: 0x800CCCDF


Keywords: kbbug kbfix KB306874



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/306874&oldid=168295
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki