• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1222
  • Last Modified:

Mobile device users prompted for password when connecting to Exchange 2003 through 2010 CAS

We are running in coexistence with Exchange 2010 and 2003.  I have set up the legacy namespace for OWA access and initially we were getting an "unspecified error" message when attempting to connect to OWA 2003 through our CAS array.  I found a TID that contained the fix, enabling forms based authentication on the 2003 OWA Exchange Virtual Server.  After enabling FBA we could connect to both 2010 and 2003 accounts through the CAS array using a web browser.  We also verified that our Exchange 2010 users with Android, iPhone and tablet devices could use their mail client with the external URL that we use for OWA set as their mail server (mail.xxxx.com).  However we found that our 2003 mailbox users got a pop-up window asking for their password, entering their network password did not work.  We tried recreating an iPhone user's mail profile and after entering her credentials she got a message that the server was unable to validate authentication.

I'm wondering if this is because we enabled FBA on the 2003 OWA server but I'm not sure how to resolve this.  We need our 2003 users to be able to access OWA through a web browser and still be able to use their mobile device mail clients.
0
Marc_Johnson
Asked:
Marc_Johnson
2 Solutions
 
Allan MartinsICT TechnicianCommented:
tried using their credentials with the full username path (domainname\username) ?
0
 
AmitIT ArchitectCommented:
You need to use form based authentication only once. Prefer is 2010
0
 
AmitIT ArchitectCommented:
Ignore my above post, that was for if we have exchange 2010 in multiple sites. For coexist, follow this kb

http://technet.microsoft.com/en-us/library/ee332348.aspx

Read all steps and apply it.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
endital1097Commented:
you need to ensure that you have Windows integrated authentication enabled on the Microsoft-Server-ActiveSync virtual directory on your 2003 backend server
this needs to be set thru Exchange System Manager

you may need to following hotfix to enable this
http://support.microsoft.com/kb/937031
0
 
Marc_JohnsonAuthor Commented:
That was exactly it, I did not have integrated Windows authentication enabled on the ActiveSync on the 2003 front end server.  Once I enabled this our 2003 users were able to connect to Exchange through their mobile devices.  I am accepting the solutions for both amitkulshrestha and  endital1097 because they both referenced the fix in their solutions.  

Much thanks to both of you for the solution!
0
 
Marc_JohnsonAuthor Commented:
I also forgot to mention that I did apply the hotfix referred to in both solutions above before enabling Windows integrated authentication.  Note: if you are running Exchange 2003 in a clustered environment you need to stop the cluster service before applying the hotfix to the nodes in the cluster.
0
 
AmitIT ArchitectCommented:
Thanks for your valuable inputs.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now