POP/IMAP clients can't log on with NTLM when Alias and SamAccountName are different in Exchange Server 2016

Applies to: Exchange Server 2016 Enterprise EditionExchange Server 2016 Standard Edition

Symptoms


When your Alias and SamAccountName are different, you can’t log on a POP or IMAP client by using NT LAN Manager (NTLM) authentication in a Microsoft Exchange Server 2016 environment.

Cause


This issue occurs because the NTLM method logon is trying to locate you by SamAccountName, where the username is set to your Alias.

Resolution


To fix this issue, install Cumulative Update 6 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016.

Workaround


To work around this issue, select one of the following methods as what you want:

  • Don't use NTLM authentication to log on POP or IMAP client.
  • Set the same value for both Alias and SamAccountName.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology that Microsoft uses to describe software updates.