Solved

Setting up Droid to sync with Exchange and getting Authentication errors

Posted on 2010-08-26
9
961 Views
Last Modified: 2013-12-05
I have a user who bought a droid phone I am trying to Sync with his Exchange server. I enter the same setting I use on My droid for my server except for his user name, PWD, and server name yet get an error of Authentication failed. I have confirmed the user name and password.

I even tried deleting the account off my phone and trying to add his but it didn't work so the problem i suspect is with some sort of configuration on his server. We both use Exchange with the same router and basic setups. I rand the Active Sync test https://testexchangeconnectivity.com  on their info and got this (below). Can anyone help me sort this out?



Testing Http Authentication Methods for URL https://mail.sfdins.com/Microsoft-Server-Activesync/
       The HTTP authentication test failed.
       
      Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from IIS6. Body is: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>

<h1>You are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
</ul>
<h2>HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Limiting Access by IP Address</b>, <b>IP Address Access Restrictions</b>, and <b>About Custom Error Messages</b>.</li>
</ul>

</TD></TR></TABLE></BODY></HTML>
0
Comment
Question by:Axis52401
  • 5
  • 4
9 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
<<The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.>>
This is the key phrase. You need to look at the security settings for the website on your Exchange server and check if there is a list or range of IP addresses that are denied access.
0
 
LVL 2

Author Comment

by:Axis52401
Comment Utility
How do I check that, I know there is the Access Tab of the Default SMTP server and I have checked the relay and connection settings and they don't show my or Microsofts IP as being blocked?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
You need to open the IIS Manager on the server and check the settings there for the Default Web Site and possibly for some of the other virtual directories:
  1. On the Exchange server, open IIS Manager.
  2. Navigate down to the Web Site/Default Web Site object.
  3. Right-click and go to Properties, then go to the Directory Security tab (see screen capture).
IIS-Properties-DS-tab.jpg
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
One to the next step:
  1. Click the Edit button for the "IP address and domain name restrictions." (See screen capture)
  2. Check there to see if the Denied access item is checked and if there are any IP addresses listed there.
  3. If nothing is listed there, check the same settings for the Microsoft-Server-Activesync and OMA virtual directories.
IIS-DS-IP-Granted.jpg
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 
LVL 2

Author Comment

by:Axis52401
Comment Utility
This is what I have that set too and I get the same Authentication error. if I am reading this right it says all IP's  are allowed.
IP.doc
IP.doc
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
That is for the Exchange virtual directory. Did you look at the top-level Default Web Site and the other two virtual directories I mentioned? Those are the ones that might be restricted.
0
 
LVL 2

Author Comment

by:Axis52401
Comment Utility
I found that the settings for Microsoft-Server-Activesync showed some IP's there and I set it to allow all it works, and the phone will sync, however if I do an IIS reset it puts those IP's back. So my last question is if I happen to reboot the server will it do what an IIS reset does and put those IP's back?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
Comment Utility
That's very odd, I've never heard of that happening before...Do you have administrative-level access to the computer where Exchange is running?
I'll do a little research and see if I can figure out why they'd come back, but it will take a while, as I have a meeting I have to go to first.
0
 
LVL 2

Author Comment

by:Axis52401
Comment Utility
Yes, I'm logged in with full domain admin rights, and I've got his phone synced up and it's working. I'm just concerned that the next reboot we do for whatever reason might stop the phone from Syncing.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Printer Server  - Drivers 3 30
Error 450 sending internal mail 6 13
exchange, transaction logs 3 25
Hide External contact 13 22
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now