XIMS: AUTH LOGIN Command Must Use Base-64-Encoded User Name and Password

ID: Q235627

The information in this article applies to:
  • Microsoft Exchange Server, version 5.5
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SUMMARY

Microsoft Exchange Server 5.5 supports the AUTH LOGIN command for clear text authentication using a base-64-encoded user name and password. It does not accept the AUTH LOGIN command if the user name and password are in an X.500 Distinguished Name (DN) format. If the AUTH LOGIN command is sent in this manner, the following event may appear in the event log on the Exchange Server computer, indicating that the authentication attempt was not successful:

Event ID: 4183
Description: Authentication attempt (AUTH LOGIN) from hostname as username failed: LogonUser() call failed with error: Logon failure: unknown user name or bad password.
Note that when responding to an EHLO command, Exchange Server always indicates that it supports the AUTH LOGIN command.


MORE INFORMATION

Microsoft recognizes the fact that some e-mail clients and servers send the AUTH LOGIN command with a user name and password in an X.500 DN format. We have modified the Internet Mail Service so it can be configured to behave in the following manner:

  • AUTH commands are not accepted by the server.
  • When responding to an EHLO command, the server does not indicate that it supports the AUTH LOGIN command.
This feature is available in the latest service pack for Exchange Server version 5.5. For additional information, please see the following article in the Microsoft Knowledge Base:
Q191014 XGEN: How to Obtain the Latest Exchange Server 5.5 Service Pack
The English version of this feature should have the following file attributes or later:

Component: Internet Mail Service

File name Version
Imcmsg.dll 5.5.2638.0
Msexcimc.exe 5.5.2638.0

This feature was first included in Exchange Server 5.5 Service Pack 3. After you obtain this feature, to modify the behavior of the Internet Mail Service:

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).
  1. Start Registry Editor (Regedt32.exe).


  2. Locate the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIMC\Parameters
    NOTE: The above registry key is one path; it has been wrapped for readability.


  3. On the Edit menu, click Add Value, and then add the following registry value:


    4. Value Name: DisableAuth
    Data Type: REG_DWORD
    Value: 1 (or any other non-zero value)
  4. Quit Registry Editor.


Additional query words: fail

Keywords : exc55 EXC55SP3Fea
Version : winnt:5.5
Platform : winnt
Issue type : kbinfo


Last Reviewed: September 28, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.