You are viewing limited content. For full access, please sign in.

Question

Question

Direct Approval config settings

Forms Version 10 Administration
Updated October 7, 2019
asked on October 7, 2019 Show version history

Hi, working with a client to set up Direct Approval for the first time in a Forms 10.3 environment.  Before this effort, they did not have IMAP running on Exchange.  They have enabled IMAP4, but Forms config has not been successful.

  • After enabling IMAP, we still get the following error message from the Email Approval Server pages:
    • "The test email failed because: Failed to connect to the email server webmail.domain.com:143. This issue can occur if the server does not support IMAP. [LFF2002-EmailApprovalServerConnection]"
  • Tried both SSL options - (No SSL, port 143) and (Yes SSL, port 993) - but both fail with same error.
  • Secure logon (TLS) is required

 

Any thoughts, suggestions, or lessons-learned would be much appreciated.

Thanks, .... Steven.

0 0

Replies

replied on October 7, 2019

Could you look in the event log on the Forms server and post the full error message?

0 0
View 2 previous replies
replied on October 7, 2019 Show version history

Hi Miruna,

Thanks for the reply.

Error entry from event viewer attached.  Please note - I've edited the event to change the name of the client machine to [servername].

Thanks, ..... Steven.

forms-DirApp-error.txt (2.05 KB)
Download
0 0
replied on October 7, 2019

The message says the service is not running ("No connection could be made because the target machine actively refused it 10.10.28.56:143")

Are you sure the IMAP service is started on your Exchange server?

 
0 0
replied on October 7, 2019

Hi Miruna,

That's the info I have ... will confirm.  Thanks so much for the quick reply.

Best, .... Steven.

0 0
replied on October 7, 2019

Hi Miruna,

Some progress - we were using the exchange server hostname, rather than the internal IMAP servername.  Once we replaced the name on the Email Approver Server page, it does appear to connect.  Unfortunately, it throws a different error with text "The test email failed because: The remote certificate is invalid according to the validation procedure.".  Event viewer entry is attached.

Are you able to shed any light on this?  We are connecting without SSL, port 143.  Could this be a TLS version issue, or (hopefully) something simpler.

Thanks again, ..... Steven.

forms-DirApp-error2.txt (3.27 KB)
Download
0 0
replied on October 7, 2019

Steven,

 

Ensure the Forms Server has the proper certificates in the 'Intermediate Certification Authority' and 'Trusted Root Certification Authority' areas to validate the SSL certificate on the Exchange Server.

You can run 'certmgr.msc' on the exchange server to check the certificate being used and review the 'Certificate Path' to find which Intermediate CA and Trusted Root CA that certificate uses. Then, you should be able to export the appropriate CA certificate(s) from the exchange server and import them into the proper locations on the Forms Server.

1 0
replied on October 7, 2019

This could be an issue with the IMAP settings on the Exchange server, the SSL certificate setup, etc. Also, make sure the traffic over port 143/993 isn't being blocked by a firewall before reaching the Exchange server.

 

A test you can do is using Gmail's IMAP server. It's "imap.gmail.com" with port 993. Supply it with a valid gmail account and make sure to check the "SSL" box at the bottom. Test that and see if it's successful for you.

0 0
replied on October 7, 2019

Hi Dustin,

Thanks for the suggestion.  It's a good idea to validate another server in order to isolate the problem.  Unfortunately, I believe the client firewall blocks incoming 993 traffic.  I'll keep this in mind for future troubleshooting elsewhere.

Thanks again, ..... Steven.

0 0
replied on October 7, 2019

No problem Steven! That was my objective, to isolate the problem to being with your exchange server or if it was on the Forms side.

Also, TCP is a stateful connection protocol, which means if the connection can be established in one direction (outbound), then a session between the 2 endpoints is created and communication can happen in both directions during that session's life (until the FIN transmission at the end of the conversation to close that session). So, with TCP the traffic only needs to be allowed in the direction of the initiating communication.

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...