We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
5 days, 4 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Setting up OWA on an iphoneiphone 4
Posted on 2011-03-07
Hello EE. I am having a hell of a time trying to get one iphone4 user to to access OWA on Exchange 2010. I was able to successfyully set up 3 others with no problem. It keeps giving me "Exchange Account Unable to verify account information."
The only difference between her phone and the others is the OS is running 4.2.1 and the others are running 4.1. Inheritable permissions is checked on her AD profile. I was getting event id 1503:
Exchange ActiveSync doesn't have sufficient permissions to create the "CN=User,OU=XXXXX_XXXXX Administrators,DC=MHACS,DC
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchangeActiveSyncDevic
Details:%3
After checking allow inheritable rights in security tab I stopped getting that error but I still can not sync the phone. I tried with and without SSL. I do have a valid SSL ceert from GoDaddy. The other 3 phones gave no problems.. I have Exchange 2010 running on Windows 2008 R2 standard with a DC running Win 2008 R2 Enterprise. My luck she happens to be an Executive Administrator and is a domain admin as well. Any help would be appreciated.
The only difference between her phone and the others is the OS is running 4.2.1 and the others are running 4.1. Inheritable permissions is checked on her AD profile. I was getting event id 1503:
Exchange ActiveSync doesn't have sufficient permissions to create the "CN=User,OU=XXXXX_XXXXX Administrators,DC=MHACS,DC
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchangeActiveSyncDevic
Details:%3
After checking allow inheritable rights in security tab I stopped getting that error but I still can not sync the phone. I tried with and without SSL. I do have a valid SSL ceert from GoDaddy. The other 3 phones gave no problems.. I have Exchange 2010 running on Windows 2008 R2 standard with a DC running Win 2008 R2 Enterprise. My luck she happens to be an Executive Administrator and is a domain admin as well. Any help would be appreciated.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
13
12
26 Comments
You have verified that ActiveSync is enabled for the mailbox in exchange?
Can the user use the web browser to access OWA through the phone?
Can the user use the web browser to access OWA through the phone?
Active today
Are you adding /owa to the end of the Fully Qualified Domain Name that you are configuring your iPhone with? If you are - you should not be - you only should be entering something like mail.domain.com and not mail.domain.com/owa
FYI - OWA is Outlook Web Access and has nothing to do with getting mail to an iPhone. What you are referring to is Activesync.
FYI - OWA is Outlook Web Access and has nothing to do with getting mail to an iPhone. What you are referring to is Activesync.
Active 1 day ago
Well I am trying to configure the iPhone to get email. Where it asks for the server i put the OWA link with the /owa. I will try it without it
Active today
With Activesync - you Never add anything after .com and if anyone tells you otherwise, they are wrong!
Active today
Email Address: users email address e.g. user@domain.com
Server: Whatever the certificate name includes e.g. mail.domain.com or www.domain.com or whatever you have configured
Domain: Internal Domain Name e.g., internaldomain (not internaldomain.local
Username: Users username e.g., user
Password: Users network password
Description: Whatever takes your fancy to describe the account on the phone.
Server: Whatever the certificate name includes e.g. mail.domain.com or www.domain.com or whatever you have configured
Domain: Internal Domain Name e.g., internaldomain (not internaldomain.local
Username: Users username e.g., user
Password: Users network password
Description: Whatever takes your fancy to describe the account on the phone.
Active today
Okay - can you please run the Exchange Activesync Test (Not Exchange Activesync Autodiscover Test) on https://testexchangeconnectivity.com and port the results (hiding your domain name / IP Address).
Please run one for the working user and one for the non-working user and post both results.
Thanks
Alan
Please run one for the working user and one for the non-working user and post both results.
Thanks
Alan
Active 1 day ago
I do not have access to the wtestorking one but this is what I got from the non working one
Microsoft-Exchange-Server-Remote.htm
Microsoft-Exchange-Server-Remote.htm
Active today
Sorry - that doesn't work - you can copy / paste the results but the .htm page doesn't show anything other than the Initial site page.
Alan
Alan
Active 1 day ago
It won't let me copy. It complains about the security settings in my browse. Let me try something different.
Active 1 day ago
The last part of the test failed. this is what it said.
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0
MS-ASProtocolCommands: Sync,SendMail,SmartForward
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Mon, 07 Mar 2011 21:37:22 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Tell me more about this issue and how to resolve it
Additional Details
Exchange ActiveSync returned an HTTP 500 response.
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0
MS-ASProtocolCommands: Sync,SendMail,SmartForward
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Mon, 07 Mar 2011 21:37:22 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Tell me more about this issue and how to resolve it
Additional Details
Exchange ActiveSync returned an HTTP 500 response.
Active today
Okay - you say you have checked the Inherited permissions - please uncheck - apply - then re-check and apply - then test again.
Active today
Is the user an Admin by any chance?
Check my article:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
There is also a workaround for this here:
http://retrohack.com/enable-activesync-outlook-anywhere-exchange-2010/
Check my article:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
There is also a workaround for this here:
http://retrohack.com/enable-activesync-outlook-anywhere-exchange-2010/
Featured Post
June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Read this checklist to learn more about the 15 things you should never include in an email signature.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012.
Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA).
For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651
If you want to manage em…
Suggested Courses
Course of the Month5 days, 4 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
688 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.