Solved

Can not setup iPhone to access Exchange Server 2003 - Gives unable to verify account errors

Posted on 2011-02-26
17
697 Views
Last Modified: 2012-05-11
I am trying to add Excahnge email to iPhone iOS 4.2 and it keeps giving a "Unable to verify Account Info. error".

I follow the steps in the iPhone user manual:

Setup an Exchange account:
1) In settings choose "Mail, contacts.."

2) Add account, then choose Microsoft Exchange

3) Enter email address:  give full email address

enter Domain (optional):  Leave blank or fill in still same error

User name: try user name or user name with full email - same error
Password: provide

The first time it does not automatically find the server and then prompts for all info.
again and asks for server name:.

I enter in the IP address of our Exchange Server - Does not work with error.

NOTE1) Outlook Web access works fine with enter of http://IP address/exchange (tried this syntax also but failed).

NOTE2) Exchange 2003 setup for Outlook Mobile Access enabled and OWA enabled.  

NOTE3: Firewall is open for https (443), 80 etc..

Any ideas on what the problem is?
0
Comment
Question by:rdwolf
17 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 375 total points
ID: 34988238
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 125 total points
ID: 34988243
0
 
LVL 9

Expert Comment

by:djpazza
ID: 34989015
Try using domain\username format as the username
0
 
LVL 8

Expert Comment

by:pmorton23
ID: 35000145
also do not use the IP of the server. what is the name the ssl cert is using. you should use http://nameofsslcert.com/exchange

we use http://owa.ain1.com/exchange  

ssl must be checked on the phone
0
 

Author Comment

by:rdwolf
ID: 35001534
I was able to get the iPhone and also an iPad talking to the Exchange 2003 R2 Standard Server (with SP-2) and all updates applied.

I  was able to get it talking by doing:

email: <full user email>

Server: <IP address of Excahnge Server>

Domain:  <The Domain of Local Exchange Server>

User Name:  <User name to login to Server (not full e-mail address>

Password: <the Password>

Every time I setup the account it would  say:
"Exchange Account
Unable to verify account information"  

I then clicked "OK" and then choose save.  Then I went back in to the new email account
and turned off "SSL".   This then allowed the e-mail to work properly but without SSL enabled (whiich I need).

The hardware firewall and Server firewall both have SSL port 443 allowed and the "HTTP SSL" serivce is started (listed as manual start).  

When I do extrernal test of port 443 it says it is closed.  

What else did I need to change to get SSL port open on the Server 2003 with Exchange?
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 375 total points
ID: 35001600
You may find that port 443 is being grabbed by your router / firewall for remote management.  What sort of device is it (make / model)?

You can test for the port on www.canyouseeme.org and test port 443.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35001604
My article has all you need for how to get Activesync working using SSL - once you get the port open properly.
0
 

Author Comment

by:rdwolf
ID: 35001646
alanhardisty:

Thanks, right now I am trying to determine why the 443 port is not open per my last post.  

I
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35001677
Please check your router as per my last but one comment.
0
 

Author Comment

by:rdwolf
ID: 35001828
The hardware firewall is a Juniper Netscreen NS-NGT-001
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35001865
Can't seem to find that model on their website.
0
 

Author Comment

by:rdwolf
ID: 35001915
That Juniper Firewall is a bit older (End of Life for new sale) but still supported for few more years.

I checked the Admim -> Management screen and found:

HTTP port: 80
x SSL (SSL is checked)

HTTPS (SSL) port 443

cert- Default
ciph.. PC4_MD
Telenet 23.

So, friom above are you saying the Juniper firewall is not letting the access to port 443 through to Server?  

If I change the port to 8080 (or other) can I still access the firewalll using  http://a.b.c.d/8080?  I do not want to make a change to my firewall that prevents me from accessing etc..

Thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35001951
Yes - it will be grabbing port 443 for itself - so you need to change it to another port like 444 for example.

Change it to whatever you like and then test on www.canyouseeme.org for port 443 - you should see SUCCESS if all is well.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35001967
Changing the port to 8080 should allow you to control it remotely from http://a.b.c.d:8080 instead or https://a.b.c.d:8080
0
 

Author Comment

by:rdwolf
ID: 35006636
I updated the Juniper Hardware firewall and changed to port 8080 from 80 and even changed 443 to 1443 but this did not help.

Port 443 is still listed as closed when I do a port test from outside the network on Internet.  The iPhone will not communiate with SSL enabled eiither of course but only with SSL OFF.

Any other ideas on how to get the SSL port open and working for the iPhone?  I noticed Exchange IMAP4 service is disabled.  Is this Service needed on Server 2003 R2 Standard (SP-2 and latest updates)?  
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 375 total points
ID: 35019938
IMAP4 is not needed for Activesync - only port 443 for SSL or port 80 for Non SSL.

Do you use OWA and does it work?
0
 

Author Closing Comment

by:rdwolf
ID: 35134217
I isolated the issue to SSL. I need to get SSL working properly on the Server.  Suspect expired certificates is the rason for SSL Failure now.
0

Featured Post

Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now