thorptech
asked on
How do I configure exchange 2007 to allow iPhone/iPad to work.
Hi Everyone,
I have a server running Windows Server 2003 x64 Standard with Exchange 2007. The server was allowing iPhone's and iPad's to connect using the mail program until this week. I've been working two days on this and still cannot find a solution please help.
On the iPhone or iPad it displays (Cannot Get Mail The connection to the server failed.)
OWA and Outlook Clients work perfectly.
I've ran the exchange analyzer https://testexchangeconnectivity.com/ here are the results of the Exchange ActiveSync test.
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name (my domain name) in DNS.
Host successfully resolved
Additional Details
IP(s) returned: (server ip)
Testing TCP Port 443 on host (my domain name) to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname (my domain name) in Certificate Subject Common name
Validating certificate trust for Windows Mobile Devices
Certificate trust validation failed.
Tell me more about this issue and how to resolve it
Additional Details
The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
I have a server running Windows Server 2003 x64 Standard with Exchange 2007. The server was allowing iPhone's and iPad's to connect using the mail program until this week. I've been working two days on this and still cannot find a solution please help.
On the iPhone or iPad it displays (Cannot Get Mail The connection to the server failed.)
OWA and Outlook Clients work perfectly.
I've ran the exchange analyzer https://testexchangeconnectivity.com/ here are the results of the Exchange ActiveSync test.
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name (my domain name) in DNS.
Host successfully resolved
Additional Details
IP(s) returned: (server ip)
Testing TCP Port 443 on host (my domain name) to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname (my domain name) in Certificate Subject Common name
Validating certificate trust for Windows Mobile Devices
Certificate trust validation failed.
Tell me more about this issue and how to resolve it
Additional Details
The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Can you telnet the server on port 6001? what is the message?
ASKER
Yes the message is
ncacn_http/1.0
ncacn_http/1.0
ASKER
iPhone or iPad also displays (Exchange Account Unable to verify account information)
ASKER
I've download a tool called ActiveSync Tester from https://store.accessmylan.com/
When I run the test this is the result I get.
Testing (my domain name) (SSL, On Internet):
Communications:
Doing DNS lookup on (my domain name) OK (server ip)
Testing TCP to (server ip) port 443 ....... OK
SSL Certificate:
Receiving .......................... ...... OK
Ensuring not Self-Signed ................. OK
Verifying certificate .................... OK
ActiveSync:
Checking for application ................. FAIL
Result:
ActiveSync detected, but access denied. [HTTP 403: Disabled for this user]
(For more detailed diagnosis and possible solutions, see www.accessmylan.com )
When I run the test this is the result I get.
Testing (my domain name) (SSL, On Internet):
Communications:
Doing DNS lookup on (my domain name) OK (server ip)
Testing TCP to (server ip) port 443 ....... OK
SSL Certificate:
Receiving ..........................
Ensuring not Self-Signed ................. OK
Verifying certificate .................... OK
ActiveSync:
Checking for application ................. FAIL
Result:
ActiveSync detected, but access denied. [HTTP 403: Disabled for this user]
(For more detailed diagnosis and possible solutions, see www.accessmylan.com )
Hey Thorp:
Set the following on your mailbox 2003 server:
- IIS > Default Web Site ...Properties > Security Tab > Uncheck Anonymous > Check Integrated Windows.. > Close properties window > Restart IIS
Since your mailbox is on 2003... you will get error if you are testing @ https://testexchangeconnectivity.com/ ...
User your iphone.. or windows mobile phone... to sync... n have fun...
Set the following on your mailbox 2003 server:
- IIS > Default Web Site ...Properties > Security Tab > Uncheck Anonymous > Check Integrated Windows.. > Close properties window > Restart IIS
Since your mailbox is on 2003... you will get error if you are testing @ https://testexchangeconnectivity.com/ ...
User your iphone.. or windows mobile phone... to sync... n have fun...
ASKER
madetis1
I gave that a try and now OWA has stopped working and the iphone still does not work. Also https://testexchangeconnectivity.com still displays the same error.
OWA is displaying (440 Login Timeout)
I gave that a try and now OWA has stopped working and the iphone still does not work. Also https://testexchangeconnectivity.com still displays the same error.
OWA is displaying (440 Login Timeout)
ASKER
Used the following Microsoft article to fix the owa issues.
http://support.microsoft.com/kb/941201
iPhone/iPad still not working.
http://support.microsoft.com/kb/941201
iPhone/iPad still not working.
Autodiscover is working? can you test and confirm that please with https://testexchangeconnectivity.com.
ASKER
Exchange ActiveSync Autodiscover Test
ExRCA is attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
ExRCA is attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential AutoDiscover URL https://(my domain name)/AutoDiscover/AutoDis cover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name (my domain name) in DNS.
Host successfully resolved
Additional Details
IP(s) returned: (server ip)
Testing TCP Port 443 on host (my domain name) to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname (my domain name) in Certificate Subject Common name
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Additional Details
The Certificate chain has be validated up to a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
The certificate date is being confirmed to ensure the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
Certificate is valid: NotBefore = 6/17/2008 7:13:11 PM, NotAfter = 6/18/2010 7:13:11 PM"
The IIS configuration is being checked for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates not configured.
ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
Attempting to Retrieve XML AutoDiscover Response from url https://(my domain name)/AutoDiscover/AutoDis cover.xml for user (username)@(my domain name)
Failed to obtain AutoDiscover XML response.
Additional Details
A Web Exception occurred because an HTTP 405 - MethodNotAllowed response was received from Unknown
Attempting to test potential AutoDiscover URL https://autodiscover.(my domain name)/AutoDiscover/AutoDis cover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.(my domain name) in DNS.
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.(my domain name) could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE xception
Stack trace:
at System.Net.Dns.GetAddrInfo (String name)
at System.Net.Dns.InternalGet HostByName (String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddr esses(Stri ng hostNameOrAddress)
at Microsoft.Exchange.Tools.E xRca.Tests .ResolveHo stTest.Per formTestRe ally()
ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.(my domain name) in DNS.
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.(my domain name) could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE xception
Stack trace:
at System.Net.Dns.GetAddrInfo (String name)
at System.Net.Dns.InternalGet HostByName (String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddr esses(Stri ng hostNameOrAddress)
at Microsoft.Exchange.Tools.E xRca.Tests .ResolveHo stTest.Per formTestRe ally()
ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.(my domain name) in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
ExRCA is attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
ExRCA is attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential AutoDiscover URL https://(my domain name)/AutoDiscover/AutoDis
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name (my domain name) in DNS.
Host successfully resolved
Additional Details
IP(s) returned: (server ip)
Testing TCP Port 443 on host (my domain name) to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname (my domain name) in Certificate Subject Common name
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Additional Details
The Certificate chain has be validated up to a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
The certificate date is being confirmed to ensure the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
Certificate is valid: NotBefore = 6/17/2008 7:13:11 PM, NotAfter = 6/18/2010 7:13:11 PM"
The IIS configuration is being checked for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates not configured.
ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
Attempting to Retrieve XML AutoDiscover Response from url https://(my domain name)/AutoDiscover/AutoDis
Failed to obtain AutoDiscover XML response.
Additional Details
A Web Exception occurred because an HTTP 405 - MethodNotAllowed response was received from Unknown
Attempting to test potential AutoDiscover URL https://autodiscover.(my domain name)/AutoDiscover/AutoDis
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.(my domain name) in DNS.
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.(my domain name) could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.(my domain name) in DNS.
The Host could not be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.(my domain name) could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.(my domain name) in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
ok. you got a general Autodiscover problem. please confirm that with a second method:
1. press CTRL and click on the Outlook tray-icon
2. choose "test email autoconfiguration"
3. fill in the details and and choose only "use autodiscover"
4. post the result of the "results" and the "log" tab
1. press CTRL and click on the Outlook tray-icon
2. choose "test email autoconfiguration"
3. fill in the details and and choose only "use autodiscover"
4. post the result of the "results" and the "log" tab
ASKER
ASKER
When I login into the autodiscover site this is what happens.
https://mail.(my domain)/Autodiscover/Autod iscover.xm l
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover>
- <!-- This is a placeholder file -->
</Autodiscover>
https://mail.(my domain)/Autodiscover/Autod
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover>
- <!-- This is a placeholder file -->
</Autodiscover>
Hi Thorp,
Is CAS n 2003 in same domain? ... just wondering the cause... as your env. seems same as what I am handling... and I had same issue before till I took care of auth issue on IIS...
Dint mean to scare you ... 440 time out is lil nasty but even before you troubleshoot that.... just make sure on CAS IIS auth is form based and nothing else and on 2003 mailbox server IIS auth is just Integ windows...
Madetiz
Is CAS n 2003 in same domain? ... just wondering the cause... as your env. seems same as what I am handling... and I had same issue before till I took care of auth issue on IIS...
Dint mean to scare you ... 440 time out is lil nasty but even before you troubleshoot that.... just make sure on CAS IIS auth is form based and nothing else and on 2003 mailbox server IIS auth is just Integ windows...
Madetiz
Just to add more...
Auto discover is not mandatory for testing purposes... its just an add in to ease life... you can still do without it ... you ll have to manually type in your server name...
Also am sure you are good at iphone but still an advice... while typing the server name.. just type in CAS fqdn name you published with your isp... you dont need to type in https or /exchange-server-activsync ....
Thanks
Auto discover is not mandatory for testing purposes... its just an add in to ease life... you can still do without it ... you ll have to manually type in your server name...
Also am sure you are good at iphone but still an advice... while typing the server name.. just type in CAS fqdn name you published with your isp... you dont need to type in https or /exchange-server-activsync
Thanks
It is as I assumed: a general autodiscover problem. not just specific to iphone.
would you mind sending me your domain name? I want to analyse the IIS messages. It's ok of you don't want to - it just takes more time.
would you mind sending me your domain name? I want to analyse the IIS messages. It's ok of you don't want to - it just takes more time.
ASKER
Hi Madetis1
Yes CAS is in the same domain.
I’m not trying to setup auto discover; manual config is fine. That was how I was using it before it stopped working. I’m entering the server name manually on the iphone but it will not connect.
i"m entering just mail.domain.com
ok I want to make sure i'm modifly the setting in the correct place. Where do I go to check these settings.
CAS IIS auth is form based and nothing else and on 2003 mailbox server IIS auth is just Integ windows
owa.jpg
Yes CAS is in the same domain.
I’m not trying to setup auto discover; manual config is fine. That was how I was using it before it stopped working. I’m entering the server name manually on the iphone but it will not connect.
i"m entering just mail.domain.com
ok I want to make sure i'm modifly the setting in the correct place. Where do I go to check these settings.
CAS IIS auth is form based and nothing else and on 2003 mailbox server IIS auth is just Integ windows
owa.jpg
ASKER
I'm not sure if this matters but IMAP is enabled and does work on the iphone but the exchange option on the iphone does not work.
ASKER
I'm not sure if this matters but IMAP is enabled and does work on the iphone but the exchange option on the iphone does not work.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
iphone's and ipad's are now syncing perfectly
ASKER
iphone's and ipad's are now syncing perfectly
ASKER
iphone's and ipad's are now syncing perfectly
ASKER
iphone's and ipad's are now syncing perfectly
ASKER
ExRCA is testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name (my domain name) in DNS.
Host successfully resolved
Additional Details
IP(s) returned: (server ip)
Testing TCP Port 443 on host (my domain name) to ensure it is listening and open.
The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
The certificate name is being validated.
Successfully validated the certificate name
Additional Details
Found hostname (my domain name) in Certificate Subject Common name
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Additional Details
The Certificate chain has be validated up to a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
The certificate date is being confirmed to ensure the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
Certificate is valid: NotBefore = 6/17/2008 7:13:11 PM, NotAfter = 6/18/2010 7:13:11 PM"
The IIS configuration is being checked for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates not configured.
Testing Http Authentication Methods for URL https://(my domain name)/rpc/rpcproxy.dll
The HTTP authentication methods are correct.
Additional Details
Found all expected authentication methods and no disallowed methods. Methods Found: Basic
SSL mutual authentication with the RPC proxy server is being tested.
Mutual authentication was verified successfully.
Additional Details
Certificate common name (my domain name) matches msstd:(my domain name)
Attempting to Ping RPC Proxy (my domain name)
RPC Proxy was pinged successfully.
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server (my domain name)
The attempt to ping the endpoint failed.
Tell me more about this issue and how to resolve it
Additional Details
RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime