iPhone exchange mail working for one user but not another

lemonville used Ask the Experts™
Hi All,

We are currently having a problem where we have some users who can connect to Exchange via iPhones and others who can not.

Obviously the variable here being the user I would have assumed this would be a setting in Active Directory, although I've been through every setting I can find and there is no difference (apart from Group Memberships).

The error they are receiving is "Cannot get Mail,  The connection to Server failed".

We are running Windows SBS 2003 SP2.

As I've mentioned, if I reconfigure the device to use my own, or both of my bosses usernames in the exchange mail configuration, it works.

It would be good to note, I had been looking into getting exchange working for iPad for both of my bosses and also used my own account during this testing phase, so there could have been some user-based setting changed during that time, although I can not for the life of me remember what it is (proof that documentation is priceless!)

We are trying to connect using the OWA address secure.example.co.nz, which all users have access to.

I have run the Microsoft Active Sync Testing (testexchangeconnectivity.com) tool for myself which comes back clean. If I run it for a user which is not working is comes back with the following error:

        ExRCA is attempting the FolderSync command on the Exchange ActiveSync session.
       The test of the FolderSync command failed.
      Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: <body><h2>HTTP/1.1 403 Forbidden</h2></body>

I also noticed in the Event Log of the server that there are multiple HTTP 409 errors coming up (this is regardless of which user is connecting so I don't believe this is related).

I have ensured that Forms Based Authentication is turned off on the Exchange HTTP Protocol.
I have ensured all the IIS settings are correct.
I have tried connecting with both SSL enabled and disabled.
We do have a purchased SSL certificate.

I am about to read and follow through the article:
How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003 (kb 883380).

I have read through quite a few forums and experts-exchange articles / questions and have tried all instructions included in them to no avail.

Please any help would be very much appreciated.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
My guess is that someone was tinkering with IIS and not using the SBS wizard to configure IIS.  Check this article out.


The bosses probably work because they are admin/power users which have more rights.


Thanks for your reply Brian.

Amazing work - your help was very much appreciated!


FYI - Issue was that annonymous access was enabled on the Microsoft-Server-Active Sync virtual directory.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial