• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1244
  • Last Modified:

Exchange 2010 and IPhone


Can anyone explain to me what if anything needs to be set up on Exchange 2010 for IPhone and other Smart Phone users to log in and retrieve email.

I followed the configuration settings which are included under the Outlook Web App but have been successful.  I actually get as far as being prompted for a password, but it continually rejects my current/correct password.

Any ideas?
0
jchismar
Asked:
jchismar
  • 5
  • 4
  • 4
  • +3
2 Solutions
 
pcchiuCommented:
There's no special setup require from the exchange 2010.
You may need to specific the domain name for the iphone, also check and make sure the SSL option(on)
Try to retype the server name, username and password and set the account up manually instead of using the automatic setup.
0
 
sunnyc7Commented:
get-activesyncvirtualdirectory | fl

run that and output it here.
0
 
Shabarinath RamadasanInfrastructure ArchitectCommented:
iPhone works using Active Sync.
If your environment is configured with Active Sync, then you should be able to.

https://www.testexchangeconnectivity.com/

Check the active sync status using the above site.

Thanks
Shaba
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Alan HardistyCommented:
I installed my Exchange 2010 server, installed a 3rd party SSL certificate and it worked straight away.

Have you bought an SSL certificate or are you using the default one?

For Activesync to work, the certificate name has to have a Fully Qualified Domain Name in the certificate that matches and resolves to the servers IP address externally.  Without that, you are on a hiding to nowhere.
0
 
jchismarAuthor Commented:
I did buy a third party certificate from DigiCert.  However, our internal domain is named differently than our external domain.   We initially had certificate errors on the inside of our network because of this, but I was able to fix that.

I think my inability to login may have something to do with this issue...?

Any suggestions?
0
 
sunnyc7Commented:
Can you run this and output the results here

get-activesyncvirtualdirectory | fl
get-clientaccessserver | fl

thanks
0
 
Alan HardistyCommented:
Please visit https://testexchangeconnectivity.com and run the Exchange Activesync test.
Specify manual server settings and post the results please.
0
 
jchismarAuthor Commented:

Attached is the response for both -getactivesynvitualdirectory and client access server
[PS] C:\Users\administrator.BADGER\Desktop>get-activesyncvirtualdirectory | fl


RunspaceId                                 : b50bf789-df8d-4ce0-8383-5823345a0493
MobileClientFlags                          : BadItemReportingEnabled, SendWatsonReport
MobileClientCertificateProvisioningEnabled : False
BadItemReportingEnabled                    : True
SendWatsonReport                           : True
MailboxLoggingEnabled                      : False
MobileClientCertificateAuthorityURL        :
MobileClientCertTemplateName               :
ActiveSyncServer                           :
RemoteDocumentsActionForUnknownServers     : Allow
RemoteDocumentsAllowedServers              : {}
RemoteDocumentsBlockedServers              : {}
RemoteDocumentsInternalDomainSuffixList    : {}
MetabasePath                               : IIS://csmail.badger.org/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
BasicAuthEnabled                           : True
WindowsAuthEnabled                         : False
CompressionEnabled                         : True
ClientCertAuth                             : Accepted
WebsiteName                                : Default Web Site
WebSiteSSLEnabled                          : True
VirtualDirectoryName                       : Microsoft-Server-ActiveSync
Path                                       :
Server                                     : CSMAIL
InternalUrl                                : https://csmail.badger.org/Microsoft-Server-ActiveSync
InternalAuthenticationMethods              : {}
ExternalUrl                                :
ExternalAuthenticationMethods              : {}
AdminDisplayName                           :
ExchangeVersion                            : 0.10 (14.0.100.0)
Name                                       : Microsoft-Server-ActiveSync (Default Web Site)
DistinguishedName                          : CN=Microsoft-Server-ActiveSync (Default Web Site),CN=HTTP,CN=Protocols,CN=
                                             CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Ad
                                             ministrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Service
                                             s,CN=Configuration,DC=badger,DC=org
Identity                                   : CSMAIL\Microsoft-Server-ActiveSync (Default Web Site)
Guid                                       : a958e0c2-f730-4894-9c3e-f474db930b32
ObjectCategory                             : badger.org/Configuration/Schema/ms-Exch-Mobile-Virtual-Directory
ObjectClass                                : {top, msExchVirtualDirectory, msExchMobileVirtualDirectory}
WhenChanged                                : 5/18/2010 1:25:55 PM
WhenCreated                                : 5/18/2010 1:25:55 PM
WhenChangedUTC                             : 5/18/2010 5:25:55 PM
WhenCreatedUTC                             : 5/18/2010 5:25:55 PM
OrganizationId                             :
OriginatingServer                          : csserv02.badger.org
IsValid                                    : True


-GET CLIENTACCESSSERVER

RunspaceId                           : b50bf789-df8d-4ce0-8383-5823345a0493
Name                                 : CSMAIL
Fqdn                                 : csmail.badger.org
OutlookAnywhereEnabled               : True
AutoDiscoverServiceCN                : csmail
AutoDiscoverServiceClassName         : ms-Exchange-AutoDiscover-Service
AutoDiscoverServiceInternalUri       : https://mail.craigschool.org/autodiscover/autodiscover.xml
AutoDiscoverServiceGuid              : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
AutoDiscoverSiteScope                : {Default-First-Site-Name}
AlternateServiceAccountConfiguration :
IsValid                              : True
ExchangeVersion                      : 0.1 (8.0.535.0)
DistinguishedName                    : CN=CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Adm
                                       istrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Co
                                       iguration,DC=badger,DC=org
Identity                             : CSMAIL
Guid                                 : 5e55444b-c6c3-4f7e-a5f3-594d4e2aec42
ObjectCategory                       : badger.org/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                          : {top, server, msExchExchangeServer}
WhenChanged                          : 6/11/2010 3:51:49 PM
WhenCreated                          : 3/16/2010 4:11:07 PM
WhenChangedUTC                       : 6/11/2010 7:51:49 PM
WhenCreatedUTC                       : 3/16/2010 8:11:07 PM
OrganizationId                       :
OriginatingServer                    : csserv02.badger.org

Open in new window

0
 
jchismarAuthor Commented:
Here is the Exchange connectivty ActiveSync Test.
ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name mail.craigschool.org in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 24.190.161.84

Testing TCP Port 443 on host mail.craigschool.org to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.craigschool.org in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 The certificate is trusted and all certificates are present in the chain.
 Additional Details
 Certificate is trusted for Windows Mobile 5 and Later platforms. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

The certificate date is being confirmed to ensure the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 Certificate is valid: NotBefore = 6/21/2010 12:00:00 AM, NotAfter = 6/24/2013 11:59:59 PM"



The IIS configuration is being checked for client certificate authentication.
 Client certificate authentication was detected.
 Additional Details
 Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.
0
 
jchismarAuthor Commented:
Ok,

I changed the SSL settings on Active Sync, checked the "Inherit Permissions" in AD on test user accounts and have gotten a bit further.  The ActiveSync connectivity test now runs successfully until this final error.

 An ActiveSync session is being attempted with the server.
  Errors were encountered while testing the ActiveSync session
   Test Steps
   ExRCA is attempting to send the OPTIONS command to the server.
  Testing of the OPTIONS command failed. For more information, see Additional Details.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from IIS7
 
 
 
0
 
sunnyc7Commented:
Check Alan's article and include inhertiable permissions @ EAS error - options command

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861.html
0
 
jchismarAuthor Commented:

Thanks guys.  The ActiveSync test pointed out a few of my issues...and Alan's article helped finish it off.
0
 
Alan HardistyCommented:
Ah - you migrated from an older Exchange server - this always happens - it is a "feature" that Microsoft has yet to iron out : )
Glad you are sorted and thanks for the points.
Alan
@Sunny - thanks for posting my article : )
0
 
sunnyc7Commented:
You are welcome alan :)
0
 
jjozCommented:
hm.. I'm still getting this error

Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication was detected.
 	
	Additional Details
 	Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.

Open in new window


i wonder what to do then ?
0
 
Alan HardistyCommented:
>> i wonder what to do then ? <<

Posting your own question would be a good place to start.
0
 
jjozCommented:
oh yes, thanks mate
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 5
  • 4
  • 4
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now