Solved

Exchange 2010 and IPhone

Posted on 2010-09-01
17
1,222 Views
Last Modified: 2012-05-10

Can anyone explain to me what if anything needs to be set up on Exchange 2010 for IPhone and other Smart Phone users to log in and retrieve email.

I followed the configuration settings which are included under the Outlook Web App but have been successful.  I actually get as far as being prompted for a password, but it continually rejects my current/correct password.

Any ideas?
0
Comment
Question by:jchismar
  • 5
  • 4
  • 4
  • +3
17 Comments
 
LVL 9

Expert Comment

by:pcchiu
ID: 33579851
There's no special setup require from the exchange 2010.
You may need to specific the domain name for the iphone, also check and make sure the SSL option(on)
Try to retype the server name, username and password and set the account up manually instead of using the automatic setup.
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 250 total points
ID: 33579927
get-activesyncvirtualdirectory | fl

run that and output it here.
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33580024
iPhone works using Active Sync.
If your environment is configured with Active Sync, then you should be able to.

https://www.testexchangeconnectivity.com/

Check the active sync status using the above site.

Thanks
Shaba
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33581816
I installed my Exchange 2010 server, installed a 3rd party SSL certificate and it worked straight away.

Have you bought an SSL certificate or are you using the default one?

For Activesync to work, the certificate name has to have a Fully Qualified Domain Name in the certificate that matches and resolves to the servers IP address externally.  Without that, you are on a hiding to nowhere.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33586249
I did buy a third party certificate from DigiCert.  However, our internal domain is named differently than our external domain.   We initially had certificate errors on the inside of our network because of this, but I was able to fix that.

I think my inability to login may have something to do with this issue...?

Any suggestions?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33586832
Can you run this and output the results here

get-activesyncvirtualdirectory | fl
get-clientaccessserver | fl

thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33586863
Please visit https://testexchangeconnectivity.com and run the Exchange Activesync test.
Specify manual server settings and post the results please.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33587258

Attached is the response for both -getactivesynvitualdirectory and client access server
[PS] C:\Users\administrator.BADGER\Desktop>get-activesyncvirtualdirectory | fl





RunspaceId                                 : b50bf789-df8d-4ce0-8383-5823345a0493

MobileClientFlags                          : BadItemReportingEnabled, SendWatsonReport

MobileClientCertificateProvisioningEnabled : False

BadItemReportingEnabled                    : True

SendWatsonReport                           : True

MailboxLoggingEnabled                      : False

MobileClientCertificateAuthorityURL        :

MobileClientCertTemplateName               :

ActiveSyncServer                           :

RemoteDocumentsActionForUnknownServers     : Allow

RemoteDocumentsAllowedServers              : {}

RemoteDocumentsBlockedServers              : {}

RemoteDocumentsInternalDomainSuffixList    : {}

MetabasePath                               : IIS://csmail.badger.org/W3SVC/1/ROOT/Microsoft-Server-ActiveSync

BasicAuthEnabled                           : True

WindowsAuthEnabled                         : False

CompressionEnabled                         : True

ClientCertAuth                             : Accepted

WebsiteName                                : Default Web Site

WebSiteSSLEnabled                          : True

VirtualDirectoryName                       : Microsoft-Server-ActiveSync

Path                                       :

Server                                     : CSMAIL

InternalUrl                                : https://csmail.badger.org/Microsoft-Server-ActiveSync

InternalAuthenticationMethods              : {}

ExternalUrl                                :

ExternalAuthenticationMethods              : {}

AdminDisplayName                           :

ExchangeVersion                            : 0.10 (14.0.100.0)

Name                                       : Microsoft-Server-ActiveSync (Default Web Site)

DistinguishedName                          : CN=Microsoft-Server-ActiveSync (Default Web Site),CN=HTTP,CN=Protocols,CN=

                                             CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Ad

                                             ministrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Service

                                             s,CN=Configuration,DC=badger,DC=org

Identity                                   : CSMAIL\Microsoft-Server-ActiveSync (Default Web Site)

Guid                                       : a958e0c2-f730-4894-9c3e-f474db930b32

ObjectCategory                             : badger.org/Configuration/Schema/ms-Exch-Mobile-Virtual-Directory

ObjectClass                                : {top, msExchVirtualDirectory, msExchMobileVirtualDirectory}

WhenChanged                                : 5/18/2010 1:25:55 PM

WhenCreated                                : 5/18/2010 1:25:55 PM

WhenChangedUTC                             : 5/18/2010 5:25:55 PM

WhenCreatedUTC                             : 5/18/2010 5:25:55 PM

OrganizationId                             :

OriginatingServer                          : csserv02.badger.org

IsValid                                    : True





-GET CLIENTACCESSSERVER



RunspaceId                           : b50bf789-df8d-4ce0-8383-5823345a0493

Name                                 : CSMAIL

Fqdn                                 : csmail.badger.org

OutlookAnywhereEnabled               : True

AutoDiscoverServiceCN                : csmail

AutoDiscoverServiceClassName         : ms-Exchange-AutoDiscover-Service

AutoDiscoverServiceInternalUri       : https://mail.craigschool.org/autodiscover/autodiscover.xml

AutoDiscoverServiceGuid              : 77378f46-2c66-4aa9-a6a6-3e7a48b19596

AutoDiscoverSiteScope                : {Default-First-Site-Name}

AlternateServiceAccountConfiguration :

IsValid                              : True

ExchangeVersion                      : 0.1 (8.0.535.0)

DistinguishedName                    : CN=CSMAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Adm

                                       istrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Co

                                       iguration,DC=badger,DC=org

Identity                             : CSMAIL

Guid                                 : 5e55444b-c6c3-4f7e-a5f3-594d4e2aec42

ObjectCategory                       : badger.org/Configuration/Schema/ms-Exch-Exchange-Server

ObjectClass                          : {top, server, msExchExchangeServer}

WhenChanged                          : 6/11/2010 3:51:49 PM

WhenCreated                          : 3/16/2010 4:11:07 PM

WhenChangedUTC                       : 6/11/2010 7:51:49 PM

WhenCreatedUTC                       : 3/16/2010 8:11:07 PM

OrganizationId                       :

OriginatingServer                    : csserv02.badger.org

Open in new window

0
Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

 
LVL 1

Author Comment

by:jchismar
ID: 33587310
Here is the Exchange connectivty ActiveSync Test.
ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name mail.craigschool.org in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 24.190.161.84

Testing TCP Port 443 on host mail.craigschool.org to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.craigschool.org in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 The certificate is trusted and all certificates are present in the chain.
 Additional Details
 Certificate is trusted for Windows Mobile 5 and Later platforms. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

The certificate date is being confirmed to ensure the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 Certificate is valid: NotBefore = 6/21/2010 12:00:00 AM, NotAfter = 6/24/2013 11:59:59 PM"



The IIS configuration is being checked for client certificate authentication.
 Client certificate authentication was detected.
 Additional Details
 Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.
0
 
LVL 1

Author Comment

by:jchismar
ID: 33587395
Ok,

I changed the SSL settings on Active Sync, checked the "Inherit Permissions" in AD on test user accounts and have gotten a bit further.  The ActiveSync connectivity test now runs successfully until this final error.

 An ActiveSync session is being attempted with the server.
  Errors were encountered while testing the ActiveSync session
   Test Steps
   ExRCA is attempting to send the OPTIONS command to the server.
  Testing of the OPTIONS command failed. For more information, see Additional Details.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from IIS7
 
 
 
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33587874
Check Alan's article and include inhertiable permissions @ EAS error - options command

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861.html
0
 
LVL 1

Author Closing Comment

by:jchismar
ID: 33588146

Thanks guys.  The ActiveSync test pointed out a few of my issues...and Alan's article helped finish it off.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33588375
Ah - you migrated from an older Exchange server - this always happens - it is a "feature" that Microsoft has yet to iron out : )
Glad you are sorted and thanks for the points.
Alan
@Sunny - thanks for posting my article : )
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590706
You are welcome alan :)
0
 
LVL 1

Expert Comment

by:jjoz
ID: 35089440
hm.. I'm still getting this error

Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication was detected.
 	
	Additional Details
 	Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren't using this type of authentication.

Open in new window


i wonder what to do then ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35089461
>> i wonder what to do then ? <<

Posting your own question would be a good place to start.
0
 
LVL 1

Expert Comment

by:jjoz
ID: 35089480
oh yes, thanks mate
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now