8
Account passwords disappear, missing
Problem reported by Ken Adams - 12/17/2013 at 10:22 AM
Resolved
Hello,
This has occurred 2-3 times.  Users report that they are unable to access their email.  While checking their account, it becomes apparent their password is gone.  Once reset, the account functions properly.
We always change the password in the case there was an attempt to hack the mailbox or if it was actually hacked.
 
Any reason or explanation for this is occurring?
 
Ken

42 Replies

Reply to Thread
0
Tan Replied
We face the similar problem. Not sure whether SmarterTools got any idea on this?
0
Patrick Hedgepath Replied
We have also recently run into this problem. I also notice that the Display Name for the accounts when this happens gets set to N/A
 
Any idea what is happening here SmarterTools?
0
Employee Replied
Employee Post
Hello.  Can I ask what version of SmarterMail you're both using?
0
Ken Adams Replied
Version 10.4
0
Steve Reid Replied
Ensure there is no resident application that is locking or interfering with the smartermail files. Add the smartermail folder to the exceptions list in your antivirus etc
0
Ken Adams Replied
Done
0
Brad Kingsley Replied
We are seeing this same behavior. We are running 12.3.5318
0
Brad Kingsley Replied
We already exclude the smartermail directories from virus scan. Has this or is this going to be addressed by SmarterMail upgrade? We are currently running 12.3.5318.
0
Steve Reid Replied
I have seen this problem reported many times is the past, however I have never experienced it... I highly doubt an upgrade would fix it, although it's always best to be on the latest version.
0
Bruce Barnes Replied
As Steve Reid indicated in a previous post, make certain you do not have an antivirus program running on the server which is scanning the SmarterMail directories.
 
While the use of AV programs is highly encouraged, on both servers, workstations, and with mobile devices, an AV program running on a mail server should NEVER scan the files in the SmarterMail directories.  These two directories should be set to EXCLUDED in the AV program setup:
  • C:\Program Files (x86)\SmarterTools\SmarterMail\*, and;
  • C:\SmarterMail
The proper way to scan SmarterMail for viruses is to use either the built-in, and free, CLAMAV tool:
 
As Steve Reid indicated in a previous post, make certain you do not have an antivirus program running on the server which is scanning the SmarterMail directories.
 
While the use of AV programs is highly encouraged, on both servers, workstations, and with mobile devices, an AV program running on a mail server should NEVER scan the files in the SmarterMail directories.  These two directories should be set to EXCLUDED in the AV program setup:
  • C:\Program Files (x86)\SmarterTools\SmarterMail\*, and;
  • C:\SmarterMail
The proper way to scan SmarterMail for viruses is to:
 
  • use the built-in, and free, CLAMAV tool, available under SECURITY ===> ANTIVIRUS ===> OPTIONS
 
ClamAV SETTINGS
ClamAV SETTINGS - Screen #1
 
  • which will, once updated with new virus definations, show the following information
 
ClamAV Settings / Options - Screen 2
ClamAV Settings / Options - Screen 2
 
  • enable a COMMAND LINE AV scanner - must be compatible with external program, or
     
  • purchase the Cyren Zero-Hour Antivirus License
     
You should also make certain you are running the most current release of SmarterMail and have all of the Microsoft security patches, both automatic and elective, installed.
 
Not installing security patches on a regular basis has an enormous implication on both server performance and server security vulnerability and can also contribute to user's passwords being compromised or disappearing because of viruses and worms.
 
I just completed work on a client's SmarterMail server last night which had more than 38 viruses and worms residing on the server.  They were eating memory (almost two gig worth), and were regularly compromising accounts: sending spam from the infected accounts, causing the IP addresses to be blacklisted, and locking people out of their accounts.
 
Finally, make certain you are ENFORCING STRONG PASSWORDS!  Strong passwords don't have to be a pain in the butt, but they are the first line of defense in security any server. 

For more information on strong passwords, and why they are important, see:
Passwords: That Bane of Any IT Manager
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
CCC Replied
 
We have seen this behavior several times during Smartermail upgrades
 
We did not see it during the most recent upgrade to version 12.5.5409
 
We typically stop the Smartermail services and IIS prior to the upgrade, perform the upgrade, and then run the password compliance report to determine if any passwords have been blanked out.
 
We have AV exclusions configured correctly.
 
 
 
0
Brad Kingsley Replied
This continues to be a serious problem for us. The server reboots and
we get either blank passwords or completely blank userconfig.xml files.
 
We're using 12.5.5409 and AV exclusions are configured correctly.
 
Hard to believe you will not acknowledge this is a bug.
0
Steve Reid Replied
If the server hard reboots then maybe that is causing the issue? The smartermail service has to be shutdown cleanly.
0
Bruce Replied
Just had this happen on the latest SmaterMail Enterprise 13.2.5511 after applying windows updates to the server this morning and rebooting it.
 
Thankfully only 9 mailboxes across 3 domains out of 9,000 mailboxes across 2,500 domains got affected and where able to roll back the userConfig.xml files for these accounts from nightly backups that we had.
 
There is no AV software running on the server which is running Windows 2012 R2 and has only SmarterMail installed and IIS 8.5.
 
Is there anyway to avoid this issue as do not want to have to have this issue every time the server is rebooted?
0
Employee Replied
Employee Post
Bruce, we are currently working a ticket with another customer having similar issues. Can you tell me whether or not you are using a SAN?
0
Bruce Replied
No not using a SAN. SmarterMail is running in Hyper-v 2012 R2 but the storage is local to the Hyper-V server using multiple Intel DC S3500 Solid State Drives. Windows and SmarterMail are installed to one SDD and the SmarterMail domains are stored on another SSD. Are running SmarterMail on Windows 2012 R2 Standard with IIS 8.5 and ASP.NET 4.5.2. The problem occurs after running windows updates and the server is rebooted to apply the windows updates. Looking at the userConfig.xml files the password is replaced with an empty 'password' field in the XML file.
0
Gary Steiner Replied
Just ran into this same problem after upgrading from 13.3.5535 to 13.4.5598.  A user reported an inability to login.  Going to Sysadmin and viewing the user account, after clicking on "show password', the password field displays as blank.  Went to impersonate under Sysadmin and was able to login as the user and reset the password.
 
1
Giovanni Zomer Replied
We're having the same problem; running version 13.4.5603;
There was a problem on the server, and after the reboot we lost 13 email-pwd;
the problem is, I am not able to reset the password, as it is not saved anymore;
how should this be done?
Which possibility is there to avoid this in the future? (it already happend three times! never had it before on older version, on an older server); this one is using a virtual hosting system;
Thanks!
 
 
ADDING:
**********
I found out how to reset the lost user data; there is a userdata-bak-file in the user's directory; the right userdata-config files is a file full of empty data; the bak is a readable xml-file; if I rename the bak-file to the cfg-file, the lost userdata and userpwd and userconfig is restored! at least this is good news!!!
You don't even have to stop and restart the service
0
Employee Replied
Employee Post
Giovanni, can you tell me whether or not you are using a SAN?
0
Giovanni Zomer Replied
unfortunately, we don't know; we are hosted externally; we know the technical parameters but not if it is a SAN;
0
Paul Klinkenberg Replied
Same here. Client told me he and his wife couldn't retrieve their email through IMAP. After loads of debugging and log crawling, it was just a matter of empty password + name changed to "N/A".
No idea what could have caused this, but it should never ever happen!
 
Using Smartermail Pro 12.3.5318 btw
0
Eric Tykwinski Replied
Just as a side note, it seems like this is caused by a file in use.  I've only ever seen the issue post upgrades, but that's my guess.  Would file indexing possibly be the cause?
0
Giovanni Zomer Replied
it happend 4-5 times in the last weeks; we found out it was each time after the new server had serious hardware problems; an unexpected reboot seems the problem for SmarterMail; we also found out that just people accessing with IMAP had the problems (not everyone!) but no one accessing with POP3; technical problems were solved and it has never happened since then ... let's hope for the best!
0
George Rauscher Replied
Same here, last night...  lost some userdata-config in Domains/Users/User/
No A/V running ???
 
Newest 14.0 Version !!!
 
 
George A. RauscherMember of the German Society for Criminology (Deutsche Gesellschaft für Kriminalistik e. V.)Member of "LEVA" Law Enforcement and Emergency Services Video Association, Inc.intelligent piXel GmbHExperts in forensic criminologyEnzianstr. 4a82319 Starnberg0800 - 999 8 99 88 (free*)Website: www.intelligent-pixel.comManaging Director: George A. RauscherAuthorized Representative: Dr. Louise MorgottTax Number: 143 / 150 / 31010HRB 207 679 / Munich Local Court
0
Giovanni Zomer Replied
look at the userdata-bak; if you rename them, you got the lost data back; the reason seams to be an unexpected crash (of the operating system or of the software) ... this is what happened to me; thanks to the bak-data, I got it working again
0
Employee Replied
Employee Post
Giovanni Zomer, what version of SM are you using?  Also, when the issue occurs again and before you rename the userConfig_bak.xml, can you send us a copy of the userConfig.xml file?  We would like to see if the file is corrupted or simply missing username / password fields.
0
Giovanni Zomer Replied
last time I got the problem I used the last version of 13.x, just before upgrading to 14.x; I looked at the content of userconfig.xml before taking the bak-version: it was the same length as the bak-version, but everything was empty; it was full of ASCII 00
1
David Barker Replied
We recently had the same experience when upgrading our SM servers to 14.x while AV, Backup software etc are given as reasons what I do know is that this was not an issue prior to the upgrade then after the upgrade the problem was "blank" userconfig.xml I say "blank" as while it seems empty the file maintained is current size. Anyway here is how we resolved the issue.

If you made a complete backup of your SmarterMail Domains folder before the upgrade. All you would need to do is download a file syncing program such as Free File Sync and copy all of the Userconfig.xml files from your backup directory to your SmarterMail domains. You can do this with the Smartermail service running and there is no need to restart the service once the copy is complete. This will restore all of the users passwords and user settings back to what they were before the upgrade, thus resolving the issue. If you do not have a backup the next best option would be to use the userConfig_bak.xml located in the same folder to replace the problem file.
Email : david.barker@mailsbestfriend.com Web : www.mailsbestfriend.com Office : 866.919.2075
0
Steve Reid Replied
Since smartertools doesn't seem to know what the problem is, they probably need more info, have you considered opening a ticket so they can diagnose it more.
0
Tony Munson Replied
Same issues as others have mentioned. As far as I can tell it occurs when SmarterMail Service is restarted (via a reboot or service restart) while the user has Outlook connected via IMAP.
 
It occurred for a few users on our system. The passwords were set to empty. When the user tried connecting their Outlook client they triggered the Password Brute Force alert. This puts them in a perpetual loop until I reset their account and clear the app pool to clear the IP block caching.
 
Here's our setup:
  • SmarterMail Enterprise Edition Version 14.0.5647
  • Windows Server 2012 R2 Datacenter (x64)
  • ClamAV (only AV on box)
  • RoboSync (runs at early morning hours - not when this happend)
0
Paul Blank Replied
Backup software should NOT be an issue.  Those config files are so small - I'm thinking it's possible that, for example, there was a "hang" in the backup process while ONE file was open. It's very unlikely that this would impact more than one user. And of course it would need to be that user's config file. Just my opinion of course.
0
Webio Replied
Hello,
 
today I've also experienced the same issue (for the first time). I could not update user account using webmail. Only fix which worked without even restarting SM process was renaming userConfig_bak.xml  to userConfig.xml. If anyone from ST SM dev  team is interested in obtaining corrupted userConfig.xml file then just let me know. Corrupted file has the same size like bak file but it's completely empty.
 
Regards
0
Employee Replied
Employee Post
Webio, can you create a sales ticket and attachment the corrupted file and the good bak file?  Please mention my name so it gets to me.  Thanks.
0
Webio Replied
Sent.
1
Employee Replied
Employee Post
I have a SM 14.x custom build that should remedy the issue with blank passwords/usernames and the corrupted userConfig.xml file on user load.  In this custom build, if the program encounters an unrecoverable error while loading the userConfig.xml, it will attempt to load the userConfig_bak.xml instead.
 
If you are interested in trying this custom build, please contact sales@smartertools.com.
0
Eric Tykwinski Replied
Rob,

For what it's worth, I did the upgrade to 14.0.5661 on 7-16-2015, of course the update came the same day... Since I was upgrading from 13, I did a full install and reboot, and had no passwords lost. On 7-17, we had what looked like the Samsung issue with a client and past co-worker so I was able to troubleshoot a bit. Post-upgrade still no issues with lost passwords, that was a simple shutdown of services and IIS, which I do normally. Still no passwords lost, so it's definitely an intermittent issue from what I've seen. Always a bitch to troubleshoot, so good luck on the fix...
0
Webio Replied
In my environment blank passwords where caused by unclean shutdown and I experienced this for the first time so it is not so badly needed so I will just wait for next 14.x build.
0
CCC Replied
I assume this will be rolled into a public build once it has been tested?
0
Employee Replied
Employee Post
CCC, yes, this change will be included in the next minor release.
0
Brian Ellwood Replied
@Robert: Will an event be logged or triggered for this behavior? It would be prudent for admins to know that _bak files are being utilized.

Thanks =)
0
Employee Replied
Employee Post
Brian, if SmarterMail is unable to load userConfig.xml it will log the error message and that it is attempting to load userConfig_bak.xml in the yyyy.mm.dd-loadLog.log. It will also report an error message if it fails to load userConfig_bak.xml.
0
Brian Ellwood Replied
Thank you =)

Reply to Thread