Solved

iPhone 5C Unable to Verify Information when adding exchange 2010 Account

Posted on 2014-01-07
8
4,581 Views
Last Modified: 2014-01-13
Environment Exchange 2010 - I am Domain Admin, used iPhone 4S on ios 6 for 18 months using EAS with no problems.  Recently got iPhone 5C ios 7 for testing purposes and getting the  "Unable to Verify Account Information.

To add the account I have tried using "mobile data" and "Wireless Routers" in both my home and business environment.

My AD account is not locked out.

I have selected the security tab and reconfirmed inherit permissions which was the step required post upgrade from exchange 2003 to 2010 two years ago.  Even though other members of the team do not  have this box ticked and they are able to set up their exchange on this same device.

I have also tried it with it matching a user who can add their account with the inherit box unticked.

I have wiped phone and re set up as brand new handset.

I have migrated my mailbox to a different mailbox database on a different siteand attempted to re add.

I have added the account saved then turned off use SSL at this point i am continually prompted for exchange account password.  It does not accept my exchange password for this.

I have tried using OWA on the handset and it contimually asks for password again this feature has always operated fine.

I believe their is a deeper issue with my AD profile but i would not know where to start.

This has worked for other users and other domain admins so the problem is not the handset.

Anybody had this before? Any solutions?

Can anybody make any suggestions as to if my AD profile could become corrupt in a manner that would affect my authentication like this.  ?
0
Comment
Question by:FMabey
  • 4
  • 3
8 Comments
 
LVL 1

Expert Comment

by:jlipschitz
ID: 39762634
Have you verified that the device is authorized to access Exchange?  
Check out the article below for more information on that:
http://exchangeserverpro.com/creating-activesync-device-access-rules-exchange-server-2010/

If a device is not authorized, you can get the Unable to Verify Account Information message that you stated.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39762639
You shouldn't run an Activesync mobile whilst being a domain Admin - whilst it can work, it won't allow you to add new devices because of security permissions.

Please have a read of my article for details:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html

You could re-add the Inherited permissions on your account and quickly add the iPhone, but the inherited permissions will be removed hourly afterwards, so this is why MS recommend one account for Admins and one account for users and the Admins shouldn't use Mobile Accounts on those Admin accounts.

Alan
0
 
LVL 3

Author Comment

by:FMabey
ID: 39764561
Jlipschitz:
From that post it looks like i need to allow this particiular handset to connect, my colleague who has exactly the same permissions has set up his account on the very handset that does not allow me to connect and it works.

He puts in his credentials all the ticks, delete his account and add my credentials and unable to verify.

Alan:
I believe what you are saying but i find this difficult to comprehend as I was working fine on an iphone 4s for 18 months then mid december i started testing this iphone 5c, there has been no change to how i interact with the network.  I am the only person experiencing this problem in a  department of domain admins.  Its my personal network account (that has admin priviliges) not the administrator account that we complete the bulk of the administration with.

does the information here change any of the suggestions diagnosis?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39764570
Can you add your colleagues account to your phone happily?  If you can, that rules out a problem with the handset.

Check your inherited permissions - they are probably unchecked.  If you tick the box, then add the account to your phone, it should hopefully add happily.

Once the sdprop process runs again, the inherited permissions will be removed and at that point, adding new accounts will be a problem again.

Alan
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 3

Author Comment

by:FMabey
ID: 39764638
Colleague account is fine on the very same handset.

I have unticked the inherit apply ok and have just tried it 10 times, i then replicated sites and services just as a precaution proibably not necessary and treid again but nothing.

We tried adding my account to his company phone and it wouldnt work also tried adding it to an iphone 4s on ios 6 that wouldnt work so it is my individual account.  I just dont see anyway around it if everybody is working fine including using my devices.

where do we go from here?
0
 
LVL 3

Accepted Solution

by:
FMabey earned 0 total points
ID: 39764706
SOLUTION:   Several weeks back myself and a collleague were just running some test on the Account Tab of Active Directory. If you select Log On To and specify your machine for the purpose of ensuring a particular user can only use a specified machine.   As we just discovered it also stops the use of mobile phones.....who knew that!

So removed my machine then select allow "allow log on to all computers"  

issue resolved...

Thanks for everybodies input into this, maybe this will come in handy for someone else in the future.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39764730
That makes perfect sense - but never seen that before cause problems with Activesync, but one for the memory bank!

Alan
0
 
LVL 3

Author Closing Comment

by:FMabey
ID: 39776046
Self diagnosis
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
lync 2013 7 33
exchange, transaction logs 3 27
Rename the Clutter folder in Office365 3 36
Active Directory screwed 9 34
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now