Link to home
Start Free TrialLog in
Avatar of Axis52401
Axis52401Flag for United States of America

asked on

Setting up Droid to sync with Exchange and getting Authentication errors

I have a user who bought a droid phone I am trying to Sync with his Exchange server. I enter the same setting I use on My droid for my server except for his user name, PWD, and server name yet get an error of Authentication failed. I have confirmed the user name and password.

I even tried deleting the account off my phone and trying to add his but it didn't work so the problem i suspect is with some sort of configuration on his server. We both use Exchange with the same router and basic setups. I rand the Active Sync test https://testexchangeconnectivity.com  on their info and got this (below). Can anyone help me sort this out?



Testing Http Authentication Methods for URL https://mail.sfdins.com/Microsoft-Server-Activesync/
       The HTTP authentication test failed.
       
      Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from IIS6. Body is: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>

<h1>You are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
</ul>
<h2>HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Limiting Access by IP Address</b>, <b>IP Address Access Restrictions</b>, and <b>About Custom Error Messages</b>.</li>
</ul>

</TD></TR></TABLE></BODY></HTML>
Avatar of Hypercat (Deb)
Hypercat (Deb)
Flag of United States of America image

<<The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.>>
This is the key phrase. You need to look at the security settings for the website on your Exchange server and check if there is a list or range of IP addresses that are denied access.
Avatar of Axis52401

ASKER

How do I check that, I know there is the Access Tab of the Default SMTP server and I have checked the relay and connection settings and they don't show my or Microsofts IP as being blocked?
You need to open the IIS Manager on the server and check the settings there for the Default Web Site and possibly for some of the other virtual directories:
  1. On the Exchange server, open IIS Manager.
  2. Navigate down to the Web Site/Default Web Site object.
  3. Right-click and go to Properties, then go to the Directory Security tab (see screen capture).
IIS-Properties-DS-tab.jpg
One to the next step:
  1. Click the Edit button for the "IP address and domain name restrictions." (See screen capture)
  2. Check there to see if the Denied access item is checked and if there are any IP addresses listed there.
  3. If nothing is listed there, check the same settings for the Microsoft-Server-Activesync and OMA virtual directories.
IIS-DS-IP-Granted.jpg
This is what I have that set too and I get the same Authentication error. if I am reading this right it says all IP's  are allowed.
IP.doc
IP.doc
That is for the Exchange virtual directory. Did you look at the top-level Default Web Site and the other two virtual directories I mentioned? Those are the ones that might be restricted.
I found that the settings for Microsoft-Server-Activesync showed some IP's there and I set it to allow all it works, and the phone will sync, however if I do an IIS reset it puts those IP's back. So my last question is if I happen to reboot the server will it do what an IIS reset does and put those IP's back?
ASKER CERTIFIED SOLUTION
Avatar of Hypercat (Deb)
Hypercat (Deb)
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Yes, I'm logged in with full domain admin rights, and I've got his phone synced up and it's working. I'm just concerned that the next reboot we do for whatever reason might stop the phone from Syncing.