IMAP Healtset ImapDeepTestMonitor unhealthy on Exchange 2016 CU 23
Hi, Since couple of weeks, our SCOM reported IMAP.Protocol errors on one of my 4 Exchange nodes. After checking, the Monitoring Probe causing problem for IMAP is "IMAP.Protocol\ImapDeepTestProbe" When I run the command "Invoke-MonitoringProbe -Identity:"IMAP.Protocol\ImapDeepTestProbe" -Server:MY_SERVER" I received the answer below: "WARNING: No mailboxes were found to use in the DeepTest probe" I Googled this error but found nothing with this specific warning but more with CTP probe. I followed the official Microsoft troubleshooting guide Unfortunately it did not solve the problem. I finally decided to recreate all Monitoring Mailboxes from scratch. The recreation of these mailboxes solved temporarily the problem but it came back finally, and even worst, it is now on all my Exchange nodes. IMAP is working well, it is just the Exchange health monitoring that does not work as expected and generate SCOM alerts. Did someone have the same problem? Thanks in advance for your help!!
How to resolve 'A1 NO AUTHENTICATE failed.' while connect IMAP to outlook mail. Please help!
(async () => { try { const Imap = require('node-imap'); const { create } = require('simple-oauth2'); // Configure your OAuth2 credentials const credentials = { client: { id: 'xxxxxxx', secret: 'xxxxxxxx', }, auth: { tokenHost: 'https://login.microsoftonline.com', tokenPath: '/common/oauth2/v2.0/token' }, }; // Create an OAuth2 client const oauth2Client = create(credentials); // Generate an OAuth2 access token async function getAccessToken() { const tokenParams = { refresh_token: 'xxxxx', }; const result = await oauth2Client.accessToken.create(tokenParams).refresh(); const authData = [ 'user=' + ('xxxxxxxxx' || ''), 'auth=Bearer ' + result.token.access_token, '', '' ]; return Buffer.from(authData.join('\x01'), 'utf-8').toString('base64'); }; // Connect to the IMAP server async function connectImap() { const mailId = 'xxxxxxxxx'; const accessToken = await getAccessToken(); let base64Encoded = Buffer.from([`user=${mailId}`, , `auth=Bearer ${accessToken}`, '', ''].join('\x01'), 'utf-8').toString('base64'); const imap = new Imap({ user: 'xxxxxxxxx', xoauth2: base64Encoded, host: 'outlook.office365.com', port: 993, tls: true, tlsOptions: { rejectUnauthorized: true }, debug: console.log }); imap.connect(); imap.once('ready', function () { console.log("Server status: %s", imap.state); imap.getBoxes((error, mailboxes) => { if (error) throw error; console.log('Mailboxes:'); Object.keys(mailboxes).forEach((mailbox) => { console.log(mailbox); }); imap.end(); }); imap.openBox('INBOX', true, function (err, box) { if (err) throw err; let f = imap.seq.fetch('1:1', { bodies: 'HEADER.FIELDS (FROM TO SUBJECT DATE)', struct: true }); f.on('message', function (msg, seqno) { console.log('Message #%d', seqno); }); }); }); imap.on('error', (err) => { console.log("err", err); }); } // Call the connectImap function await connectImap(); } catch (error) { console.log('Error while fetching details', error); } })();
IMAP | OAUTH2.0 | Thunderbird Email Configuration |
Hello Team, I have 2 separate standalone forests without INTERNET, in which Exchange Server 2016 CU22 , & Exchange Server 2019 CU11 is running independently on On-Premise servers. This question is not about 2 forests or their configuration. The users are separate and I don't need anything between them. 1. I was recently asked to configure Thunderbird Email Client (latest one) and it was not working. Emails were receiving but unable to send emails. It keeps giving message to either login or certificate warning. 2. I started testing and re-configuring IMAP Services. Now IMAP Profiles are successfully configured in Outlook Client but not on Thunderbird. Test-IMAPConnectivity works fine. 3. Also, thunderbird client is not able to auto-configure or search for the configuration. Autodiscover Service is configured correctly. 4. I noticed that, I have configured Set-ClientAccessService -AutoDiscoverServiceInternalUri correctly whereas I have left Set-AutoDiscoverVirtualDirectory -InternalURL to Null. Is this Correct? I searched for many articles for virtual directory configuration but they don't configure AutoDiscoverVirtualDirectory Am I missing something here. 5. Is there any SMTP Auth that I need to configure? 6. I was reading about OAUTH2.0. Do I need to configure anything in this regard? I'm not planning on upgrading the infrastructure for next couple of months as it is not needed urgently by business. 5. Is there a way or offline tool to test for Exchange Certificates, TLSCert etc? I reconfigured Microsoft Exchange Server Auth Cert because it was not appearing in Get-AuthConfig... There is a strong reason why it has no internet, so please don't ask me to upload logs. Please share the commands and scripts, I will proceed from there. LATEST UPDATE: I came across this URL https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/authenticated-client-smtp-submission and understood that I might I have to enable SMTP Auth at Organizational or Mailbox Level. The sad part is I was not able to find the settings in both servers. I don't get any option listed as "SmtpClientAuthenticaionDisabled". Is this command not available in my version of exchange. Thanks in advance Najeeb
Gmail (IMAP) in Outlook on Win11 doesn't work
Hello everybody, I bought a new windows11 computer and installed office on it, a month and a half ago. I added my Gmail account for reading emails in Outlook via IMAP, It worked great for approximately one week and then stopped working (didn't received new emails). I tried to remove my account and add it again with no success. after I read a post about a problem similar to mine (here for example: https://techcommunity.microsoft.com/t5/windows-insider-program/windows-mail-doesn-t-sync-with-custom-pop3-imap-servers/m-p/2799751) I tried to install other email client app (mozilla's thunderbird, windows mail) with no success. On windows Mail it doesn't work either. I have another computer with Windows 10 installed on it and there it works well. My Windows 11 is updated + optional updates. Also saw this link but I'm not sure it's related. I'm hopeless, could you help me please? Thank you, Zvi
JavaMail connecting to Office 365 XOAUTH2 for IMAP Authentication fails
Facing connectivity issue with Office365 online with OAuth2.0 I have set up the application permissions and IMAP and SMTP connection.Basic authentication seems to be work fine. I believe IMAP is enabled. My application is configured as Accounts in any organizational directory (Any Azure AD directory - Multitenant) and uses grant type authorization code. And Delegated Microsoft Graph scopes https://graph.microsoft.com/IMAP.AccessAsUser.All have been added: Client scopes added Requested Access token with resource as https://graph.microsoft.com Successfully received access token with scopes as IMAP.AccessAsUser.All SMTP.Send { "token_type": "Bearer", "scope": "IMAP.AccessAsUser.All SMTP.Send", "expires_in": 3599, "ext_expires_in": 3599, "access_token": "access_token", "refresh_token": "refresh_token", "id_token": "id_token" } So here is the Java Code (JavaMail jar 1.6.2 used) Properties properties= new Properties(); properties.put("mail.imap.ssl.enable", "true"); properties.put("mail.imap.auth.mechanisms", "XOAUTH2"); //properties.put("mail.imap.sasl.enable", "true"); un-commented still results are same properties.put("mail.imap.auth.login.disable", "true"); properties.put("mail.imap.auth.plain.disable", "true"); properties.put("mail.debug", "true"); properties.put("mail.debug.auth", "true"); Session session = Session.getInstance(props); session.setDebug(true); String userEmail = "emailuser@domain.onmicrosoft.com"; String accessToken = "accessToken"; final Store store = session.getStore("imap"); store.connect("outlook.office365.com","993",userEmail, accessToken); Following output : DEBUG: JavaMail version 1.6.2 DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle] DEBUG IMAP: mail.imap.appendbuffersize: -1 DEBUG IMAP: mail.imap.minidletime: 10 DEBUG IMAP: closeFoldersOnStoreFailure DEBUG IMAP: trying to connect to host "outlook.office365.com", port 993, isSSL true * OK The Microsoft Exchange IMAP4 service is ready. [TQBB] A0 CAPABILITY * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+ A0 OK CAPABILITY completed. DEBUG IMAP: AUTH: PLAIN DEBUG IMAP: AUTH: XOAUTH2 DEBUG IMAP: protocolConnect login, host=outlook.office365.com, user=emailuser@domain.onmicrosoft.com, password=<non-null> A1 AUTHENTICATE XOAUTH2 dXNlAQE= A1 NO AUTHENTICATE failed. Could not connect to the message store javax.mail.AuthenticationFailedException: AUTHENTICATE failed. at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:731) at javax.mail.Service.connect(Service.java:366) at myproject.EmailReceiver.downloadEmails(EmailReceiver.java:79) at myproject.EmailReceiver.main(EmailReceiver.java:179) Following other posts could not able to find scopes https://outlook.office365.com/IMAP.AccessAsUser.All https://outlook.office365.com/SMTP.Send in my Azure. May be they are legacy scopes. Is there any other scopes other then "https://graph.microsoft.com/IMAP.AccessAsUser.All" and "https://graph.microsoft.com/SMTP.send" required to connect to Exchange online through IMAP. Or any problem with existing code.How to access Shared Inboxes with OAuth via IMAP (Basic Authentication Deprecation)
Since Microsoft is deprecating basic auth in the future I cannot use IMAP to access shared inboxes the way I used to: Email address: sharedmailbox[AT]domain.com Incoming Mail Server (IMAP) Username: mymailbox[AT]domain.com/sharedmailbox Hostname: outlook.office365.com Outgoing Mail Server (SMTP) Username: mymailbox[AT]domain.com Hostname: outlook.office365.com In order for the above to work I had to disable security defaults. By 01. October this will stop working. I use the native Apple mail app for managing mails. Now for the life of me I cannot figure out how I could possibly access shared inboxes via OAuth. When I choose to add an "Microsoft Exchange" account (which is the only way I found to use OAuth) I put in sharedmailbox[AT]domain.com as the mail address (which is the shared inbox I want to manage) and as username I choose my account mymailbox[AT]domain.com. When I do that the mail address is simply ignored and I end up adding my personal mailbox instead of the shared mailbox. Trying to login as mymailbox[AT]domain.com/sharedmailbox doesn't work either. Has anyone an idea how to get this working? I'm really used to working with my separate mailboxes and I really can't afford to put licenses on them.IMAP Hack
Hello Team, I am new to this community. My issue is with Office 365 Family Plan. This is NOT a business account. My 20 year old email was hacked using IMAP when they brute forced my password. I was not aware that this was going on because Microsoft did not send me any notifications of failed log in attempts via IMAP protocol. Please see logs for the 18 showing that a successful synch was completed. I called office 365 support but they had NO clue what I was talking about. I used every security measure like 2 form authentication, email recovery, etc....unique passwords...changing password every so often.... I NEVER GOT an alert that hackers were trying to break my password. I have copies of logs showing hundreds of attempts to get my passwords cracked. This happened for 4 months straight until they got in. The catch 22 is that hackers got in via simple IMAP. They had my username and 4 months to break my password. I saw the activity logs and realized how they got it. My frustration is why I CANT request to turn OFF IMAP on my account. THIS MEANS that EVERY non-business account can be hacked via IMAP? This is crazy.... No one at tech support is able to help me. any idea as to why Office 365 Family plan is not protect for IMAP hack? CesarIMAP Transport Logging
Has anyone successfully gotten Outlook to create IMAP transport logs lately? (or even attempted it?) Enabling "troubleshooting logging" in Advanced settings (and verifying appropriate registry keys are correctly set) turns on the "OPMLog.log", "Sharing Engine....log", and ETL logs, but the IMAP transport logs never appear in '%TEMP%/Outlook Logging' as promised by the documentation. Thanks! References: [1] https://support.microsoft.com/en-us/topic/how-to-enable-global-and-advanced-logging-for-microsoft-outlook-15c74560-2aaa-befd-c256-7c8823b1aefa [2] https://support.microsoft.com/en-us/office/what-is-the-enable-logging-troubleshooting-option-0fdc446d-d1d4-42c7-bd73-74ffd4034af5?ui=en-us&rs=en-us&ad=us
graph url scopes not supported for smtp and imap
For authentication, we are using below scopes as mentioned in the doc https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth offline_access https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send We are able to get access_token and refresh_token successfully We want get userPrincipalName using graph api https://graph.microsoft.com/v1.0/me however we are getting error , looks like for hitting graph api only graph scopes would work. We tried with graph scopes urls, https://graph.microsoft.com/IMAP.AccessAsUser.All , https://graph.microsoft.com/SMTP.Send and able to hit graph api , however smtp and imap authentication is not working with these scopes. since Microsoft is deprecating outlook rest apis and asking to move to graph api then why graph scopes urls are not supported for SMTP and IMAP ?How to configure Outlook for POP3/IMAP and SMTP Connectivity in SBS 2008/2011 Standard
First published on TechNet on Aug 31, 2011 [Today's post comes to us courtesy of Shawn Sullivan from Commercial Technical Support]If you wish to connect to your Exchange mailbox on SBS with a remote Outlook client, we recommend that you use Outlook Anywhere.
