Since we installed CU9 IMAP connections from Outlook (2007 and 2013) get rejected w/ authentication errors.
(from the IMAP4 server log: "NTLM,"R=""yqw4 NO AUTHENTICATE failed."";Msg=""System.Security.SecurityException:The user name or password is incorrect.\r\n"";LiveIdAR=OK;Excpt=""The user name or password is incorrect.\r\n-System.Security.SecurityException"";")
Only after setting "EnableGSSAPIAndNTLMAuth" to false w/ Set-ImapSettings the access works again.
The SPN-Records (IMAP/ and IMAP4/) do exist and point to the right computer account.
I am aware that in CU9 "GSSAPI-based Kerberos authentication protocol is not offered to IMAP clients in Exchange Server 2013" was fixed and I assume that this might be the cause of our issues.
(To avoid a discussion on why no MAPI-based access is used I can tell that most our clients do but for a few IMAP is a requirement.)
Any help on this would be appreciated.