IMF Tune v6.1 - Forefront Protection 2010 for Exchange Support
IMF Tune v5.6 Moderator - Dealing with Repeated Login Failures
In the past few months a number of Organizations reported login problems with the IMF Tune Web Moderator/Reporting interface. The problem is limited to users who do not have administrative access to the Quarantine system. Here we provide more details and solutions to this problem.
This problem concerns systems where all IMF Tune components have been successfully installed. Administrators are able to logon to the Quarantine, but some users experience repeated logon failures with the Moderator returning an "Unknown Error":
Note: Here we are referring to Quarantine accounts created at the IMF Tune Configuration in order to access the Quarantine system and not Windows Domain accounts.
Note: If you are unable to get to the Quarantine System login screen or you are unable to get any successful logins, it is likely that the product was not correctly installed and configured.
The login failure itself is caused by a database timeout. This type of error indicates that the Quarantine system is not coping with the email load.
To better understand what is going on, we need to take a look at the two components making up IMF Tune Quarantine/Reporting:
The Quarantine system responsiveness is very dependent on the performance of the backend database. The database will normally house records on thousands of emails. Quite obviously for the system to work smoothly, the necessary server resources must be available.
Most support cases we investigated concerned organizations running Windows Small Business Server (SBS). These organizations were running all server applications on a single machine. With the server already stretched to the limit, the system could not cope with running additional applications.
Note: WinDeveloper recommends installing the SQL database on a different server, other than the MS Exchange server where the IMF Tune filtering component is installed.
Background Information - Quarantine User Accounts
Access to the IMF Tune Web Interface is granted from the IMF Tune Server configuration under the Quarantine | Users category.
From here users are assigned their login credentials together with a set of permissions over the Quarantine/Reporting features. The type of permissions assigned to users is very relevant to this problem since in general the login errors are experienced by users having account roles 'User', 'User Read Only' or 'Custom'.
Solution 1 - Moving the Quarantine Database to new Hardware
The long term solution to this problem is to make sure the Database has enough resources to handle the email load. Very often this means that you will need to move the Quarantine Database to a different server. For details on how to do this check the article Moving the Quarantine Database to New Hardware.
Workaround 1 - Reduce the Database Load
A possible workaround is that of reducing the amount of data collected. In this manner we reduce the SQL database load. Thus the system becomes more responsive causing less timeout errors. Details on how to configure IMF Tune to reduce the data load was discussed in IMF Tune Quarantine Performance.
Workaround 2 - Extending the Database Timeout limit
By default the IMF Tune Moderator sets the timeout limit to 30 seconds. Once this is exceeded the Moderator starts reporting errors. This limit can be increased as follows: