Solved

Exchange 2010 and IPhone

Posted on 2010-09-01
17
1,230 Views
Last Modified: 2012-05-10

Can anyone explain to me what if anything needs to be set up on Exchange 2010 for IPhone and other Smart Phone users to log in and retrieve email.

I followed the configuration settings which are included under the Outlook Web App but have been successful.  I actually get as far as being prompted for a password, but it continually rejects my current/correct password.

Any ideas?
0
Comment
Question by:jchismar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 4
  • +3
17 Comments
 
LVL 9

Expert Comment

by:pcchiu
ID: 33579851
There's no special setup require from the exchange 2010.
You may need to specific the domain name for the iphone, also check and make sure the SSL option(on)
Try to retype the server name, username and password and set the account up manually instead of using the automatic setup.
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 250 total points
ID: 33579927
get-activesyncvirtualdirectory | fl

run that and output it here.
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33580024
iPhone works using Active Sync.
If your environment is configured with Active Sync, then you should be able to.

https://www.testexchangeconnectivity.com/

Check the active sync status using the above site.

Thanks
Shaba
0
Office 365 Advanced Training for Admins

Special Offer:  Buy 1 course, get 2nd free!  Buy the 'Managing Office 365 Identities & Requirements' course w/ Accelerated TestPrep, and automatically receive the 'Enabling Office 365 Services' course FREE!

 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33581816
I installed my Exchange 2010 server, installed a 3rd party SSL certificate and it worked straight away.

Have you bought an SSL certificate or are you using the default one?

For Activesync to work, the certificate name has to have a Fully Qualified Domain Name in the certificate that matches and resolves to the servers IP address externally.  Without that, you are on a hiding to nowhere.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33586249
I did buy a third party certificate from DigiCert.  However, our internal domain is named differently than our external domain.   We initially had certificate errors on the inside of our network because of this, but I was able to fix that.

I think my inability to login may have something to do with this issue...?

Any suggestions?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33586832
Can you run this and output the results here

get-activesyncvirtualdirectory | fl
get-clientaccessserver | fl

thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33586863
Please visit https://testexchangeconnectivity.com and run the Exchange Activesync test.
Specify manual server settings and post the results please.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33587258

Attached is the response for both -getactivesynvitualdirectory and client access server
[PS] C:\Users\administrator.BADGER\Desktop>get-activesyncvirtualdirectory | fl


RunspaceId                                 : b50bf789-df8d-4ce0-8383-5823345a0493
MobileClientFlags                          : BadItemReportingEnabled, SendWatsonReport
MobileClientCertificateProvisioningEnabled : False
BadItemReportingEnabled                    : True
SendWatsonReport                           : True
MailboxLoggingEnabled                      : False
MobileClientCertificateAuthorityURL        :
MobileClientCertTemplateName               :
ActiveSyncServer                           :
RemoteDocumentsActionForUnknownServers     : Allow
RemoteDocumentsAllowedServers              : {}
RemoteDocumentsBlockedServers              : {}
RemoteDocumentsInternalDomainSuffixList    : {}
MetabasePath                               : IIS://csmail.badger.org/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
BasicAuthEnabled                           : True
WindowsAuthEnabled                         : False
CompressionEnabled                         : True
ClientCertAuth                             : Accepted
WebsiteName                                : Default Web Site
WebSiteSSLEnabled                          : True
VirtualDirectoryName                       : Microsoft-Server-ActiveSync
Path                                       :
Server                                     : CSMAIL
InternalUrl                                : https://csmail.badger.org/Microsoft-Server-ActiveSync
InternalAuthenticationMethods              : {}
ExternalUrl                                :
ExternalAuthenticationMethods              : {}
AdminDisplayName                           :
ExchangeVersion                            : 0.10 (14.0.100.0)
Name                                       : Microsoft-Server-ActiveSync (Default Web Site)
DistinguishedName                          : CN=Microsoft-Server-ActiveSync (Default Web Site),CN=HTTP,CN=Protocols,CN=
                                             CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Ad
                                             ministrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Service
                                             s,CN=Configuration,DC=badger,DC=org
Identity                                   : CSMAIL\Microsoft-Server-ActiveSync (Default Web Site)
Guid                                       : a958e0c2-f730-4894-9c3e-f474db930b32
ObjectCategory                             : badger.org/Configuration/Schema/ms-Exch-Mobile-Virtual-Directory
ObjectClass                                : {top, msExchVirtualDirectory, msExchMobileVirtualDirectory}
WhenChanged                                : 5/18/2010 1:25:55 PM
WhenCreated                                : 5/18/2010 1:25:55 PM
WhenChangedUTC                             : 5/18/2010 5:25:55 PM
WhenCreatedUTC                             : 5/18/2010 5:25:55 PM
OrganizationId                             :
OriginatingServer                          : csserv02.badger.org
IsValid                                    : True


-GET CLIENTACCESSSERVER

RunspaceId                           : b50bf789-df8d-4ce0-8383-5823345a0493
Name                                 : CSMAIL
Fqdn                                 : csmail.badger.org
OutlookAnywhereEnabled               : True
AutoDiscoverServiceCN                : csmail
AutoDiscoverServiceClassName         : ms-Exchange-AutoDiscover-Service
AutoDiscoverServiceInternalUri       : https://mail.craigschool.org/autodiscover/autodiscover.xml
AutoDiscoverServiceGuid              : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
AutoDiscoverSiteScope                : {Default-First-Site-Name}
AlternateServiceAccountConfiguration :
IsValid                              : True
ExchangeVersion                      : 0.1 (8.0.535.0)
DistinguishedName                    : CN=CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Adm
                                       istrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Co
                                       iguration,DC=badger,DC=org
Identity                             : CSMAIL
Guid                                 : 5e55444b-c6c3-4f7e-a5f3-594d4e2aec42
ObjectCategory                       : badger.org/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                          : {top, server, msExchExchangeServer}
WhenChanged                          : 6/11/2010 3:51:49 PM
WhenCreated                          : 3/16/2010 4:11:07 PM
WhenChangedUTC                       : 6/11/2010 7:51:49 PM
WhenCreatedUTC                       : 3/16/2010 8:11:07 PM
OrganizationId                       :
OriginatingServer                    : csserv02.badger.org

Open in new window

0
 
LVL 1

Author Comment

by:jchismar
ID: 33587310
Here is the Exchange connectivty ActiveSync Test.
ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name mail.craigschool.org in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 24.190.161.84

Testing TCP Port 443 on host mail.craigschool.org to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.craigschool.org in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 The certificate is trusted and all certificates are present in the chain.
 Additional Details
 Certificate is trusted for Windows Mobile 5 and Later platforms. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

The certificate date is being confirmed to ensure the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 Certificate is valid: NotBefore = 6/21/2010 12:00:00 AM, NotAfter = 6/24/2013 11:59:59 PM"



The IIS configuration is being checked for client certificate authentication.
 Client certificate authentication was detected.
 Additional Details
 Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33587395
Ok,

I changed the SSL settings on Active Sync, checked the "Inherit Permissions" in AD on test user accounts and have gotten a bit further.  The ActiveSync connectivity test now runs successfully until this final error.

 An ActiveSync session is being attempted with the server.
  Errors were encountered while testing the ActiveSync session
   Test Steps
   ExRCA is attempting to send the OPTIONS command to the server.
  Testing of the OPTIONS command failed. For more information, see Additional Details.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from IIS7
 
 
 
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33587874
Check Alan's article and include inhertiable permissions @ EAS error - options command

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861.html
0
 
LVL 1

Author Closing Comment

by:jchismar
ID: 33588146

Thanks guys.  The ActiveSync test pointed out a few of my issues...and Alan's article helped finish it off.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33588375
Ah - you migrated from an older Exchange server - this always happens - it is a "feature" that Microsoft has yet to iron out : )
Glad you are sorted and thanks for the points.
Alan
@Sunny - thanks for posting my article : )
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590706
You are welcome alan :)
0
 
LVL 1

Expert Comment

by:jjoz
ID: 35089440
hm.. I'm still getting this error

Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication was detected.
 	
	Additional Details
 	Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.

Open in new window


i wonder what to do then ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35089461
>> i wonder what to do then ? <<

Posting your own question would be a good place to start.
0
 
LVL 1

Expert Comment

by:jjoz
ID: 35089480
oh yes, thanks mate
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question