Exchange 2010 UserConnectionLimitReached

Question

One of Exchange 2010 users fails to authenticate over IMAP after some time after server restart. (Other users have no problems.)
IMAP logs show this error on authentication attempt: "Msg=UserConnectionLimitReached"
It's entirely possible that at some point this limit is indeed reached but after that no one can connect to this mailbox until IMAP service restart even though limit is not reached anymore.

Get-LogonStatistics -Server server | ? {$_.Windows2000Account -eq 'login'}

shows single record.
Question is is that expected behaviour? Is there a way to avoid that? And is there a way to find active IMAP connections (Get-LogonStatistics does not specify protocol).

Answer 1

Hi @Павел Буров ,

The problem could be in the client side.

Have you tried to re-setup an account to his or devices?

You can also check the IMAP settings on the server.

https://social.technet.microsoft.com/Forums/lync/en-US/e9d2b3fe-ac6c-4bee-98f7-c3ccd0643125/maxconnectionsperuser-exchange-2010?forum=exchange2010

Answer 2

This is not a client side problem. It is perfectly reproduced on any new client for this mailbox or even connecting maually by telnet.
I did increase MaxConnectionsPerUser so it might not happen again any time soon but this behavior looks very strange to me since mailbox is basically broken after reaching limit once.

Answer 3

Hi,
I saw that you said that no one can connect to this mailbox. Will there be any error messages when trying to connect?
According to my research, the maximum number of links for a user is 16 by default, and the value can be set from 1 to 2147483647. Therefore, in order to prevent this issue from recurring, you can use the following command line to set it.
Set-ImapSettings -MaxConnectionsPerUser Value
For more information:set-imapsettings

In addition, you could use ExRCA to test the client using IMAP to connect to the mailbox. If an issue occurs, ExRCA will provide a detailed error report.
About ExRCA: Microsoft Remote Connectivity Analyzer

Answer 4

@Lucas Liu-MSFT
IMAP Response on client is just "NO AUTHENTICATE". After that client assumes that login is incorrect and reasks credentials.
On server I have this error in IMAP logs as I mentioned in first message:

...authenticate,PLAIN,"R=""2 NO AUTHENTICATE failed."";RpcL=-1;LdapL=-1;Msg=UserConnectionLimitReached"  

I already increased MaxConnectionsPerUser, that is not the problem.
Problem is that when this limit reached ones mailbox becomes broken until IMAP service is restarted. At the moment I was writing my first message here it was unaccessible from anywhere for over 24 hours with no active connections shown.

Answer 5

Hi,
The way to avoid this error is to set the MaxConnectionsPerUser property to a larger value in advance.
Based on my knowledge, if you make changes to the IMAP settings, you need to restart the IMAP service and IMAP Backend service after these changes take effect.
Are you still unable to connect to the mailbox after restarting the two IMAP services? If so, please try to run the following command line and try to restart the two IMAP services again to see if the problem is resolved.
Set-IMAPSettings –EnableGSSAPIAndNTLMAuth: $FALSE -Server "<name of the Exchange server>"