• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 715
  • Last Modified:

Can not setup iPhone to access Exchange Server 2003 - Gives unable to verify account errors

I am trying to add Excahnge email to iPhone iOS 4.2 and it keeps giving a "Unable to verify Account Info. error".

I follow the steps in the iPhone user manual:

Setup an Exchange account:
1) In settings choose "Mail, contacts.."

2) Add account, then choose Microsoft Exchange

3) Enter email address:  give full email address

enter Domain (optional):  Leave blank or fill in still same error

User name: try user name or user name with full email - same error
Password: provide

The first time it does not automatically find the server and then prompts for all info.
again and asks for server name:.

I enter in the IP address of our Exchange Server - Does not work with error.

NOTE1) Outlook Web access works fine with enter of http://IP address/exchange (tried this syntax also but failed).

NOTE2) Exchange 2003 setup for Outlook Mobile Access enabled and OWA enabled.  

NOTE3: Firewall is open for https (443), 80 etc..

Any ideas on what the problem is?
4 Solutions
Alan HardistyCo-OwnerCommented:
Try using domain\username format as the username
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

also do not use the IP of the server. what is the name the ssl cert is using. you should use http://nameofsslcert.com/exchange

we use http://owa.ain1.com/exchange 

ssl must be checked on the phone
rdwolfAuthor Commented:
I was able to get the iPhone and also an iPad talking to the Exchange 2003 R2 Standard Server (with SP-2) and all updates applied.

I  was able to get it talking by doing:

email: <full user email>

Server: <IP address of Excahnge Server>

Domain:  <The Domain of Local Exchange Server>

User Name:  <User name to login to Server (not full e-mail address>

Password: <the Password>

Every time I setup the account it would  say:
"Exchange Account
Unable to verify account information"  

I then clicked "OK" and then choose save.  Then I went back in to the new email account
and turned off "SSL".   This then allowed the e-mail to work properly but without SSL enabled (whiich I need).

The hardware firewall and Server firewall both have SSL port 443 allowed and the "HTTP SSL" serivce is started (listed as manual start).  

When I do extrernal test of port 443 it says it is closed.  

What else did I need to change to get SSL port open on the Server 2003 with Exchange?
Alan HardistyCo-OwnerCommented:
You may find that port 443 is being grabbed by your router / firewall for remote management.  What sort of device is it (make / model)?

You can test for the port on www.canyouseeme.org and test port 443.
Alan HardistyCo-OwnerCommented:
My article has all you need for how to get Activesync working using SSL - once you get the port open properly.
rdwolfAuthor Commented:

Thanks, right now I am trying to determine why the 443 port is not open per my last post.  

Alan HardistyCo-OwnerCommented:
Please check your router as per my last but one comment.
rdwolfAuthor Commented:
The hardware firewall is a Juniper Netscreen NS-NGT-001
Alan HardistyCo-OwnerCommented:
Can't seem to find that model on their website.
rdwolfAuthor Commented:
That Juniper Firewall is a bit older (End of Life for new sale) but still supported for few more years.

I checked the Admim -> Management screen and found:

HTTP port: 80
x SSL (SSL is checked)

HTTPS (SSL) port 443

cert- Default
ciph.. PC4_MD
Telenet 23.

So, friom above are you saying the Juniper firewall is not letting the access to port 443 through to Server?  

If I change the port to 8080 (or other) can I still access the firewalll using  http://a.b.c.d/8080?  I do not want to make a change to my firewall that prevents me from accessing etc..

Alan HardistyCo-OwnerCommented:
Yes - it will be grabbing port 443 for itself - so you need to change it to another port like 444 for example.

Change it to whatever you like and then test on www.canyouseeme.org for port 443 - you should see SUCCESS if all is well.
Alan HardistyCo-OwnerCommented:
Changing the port to 8080 should allow you to control it remotely from http://a.b.c.d:8080 instead or https://a.b.c.d:8080
rdwolfAuthor Commented:
I updated the Juniper Hardware firewall and changed to port 8080 from 80 and even changed 443 to 1443 but this did not help.

Port 443 is still listed as closed when I do a port test from outside the network on Internet.  The iPhone will not communiate with SSL enabled eiither of course but only with SSL OFF.

Any other ideas on how to get the SSL port open and working for the iPhone?  I noticed Exchange IMAP4 service is disabled.  Is this Service needed on Server 2003 R2 Standard (SP-2 and latest updates)?  
Alan HardistyCo-OwnerCommented:
IMAP4 is not needed for Activesync - only port 443 for SSL or port 80 for Non SSL.

Do you use OWA and does it work?
rdwolfAuthor Commented:
I isolated the issue to SSL. I need to get SSL working properly on the Server.  Suspect expired certificates is the rason for SSL Failure now.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now