Solved

Cannot access Exchange 2010 with smartphone

Posted on 2014-03-04
8
995 Views
Last Modified: 2014-11-12
We have set up an Exchange 2010 server along side Exchange 2003 for testing and have moved a dozen or so users over, including me. I can send and receive mail OK.  I could access my mail before on my Windows phone or Android device before I moved my mailbox by using the IP address on our internet facing router in the settings when I configured my devices.

Inbound connections from the router goes to our Watchguard device which sends mail to the IP of our spam filter, a WatchGuard device. From there it is all sent to the IP address of Exchange 2003 server. Since I moved my mailbox to the Exchange 2010 server I cannot get mail on my phone or tablet anymore. I assume it is because the spam filter is sending everything to the IP of the Exchange 2003 server, but why are the send-receive connectors not putting me thru to the new Exchange 2010 server?
0
Comment
Question by:LarryDAH
  • 3
  • 3
  • 2
8 Comments
 
LVL 10

Expert Comment

by:Vijaya Babu Sekar
Comment Utility
You can enable the inheritance from ADUC-> user's properties-> security->advanced-> enabled the inheritance, then you can check. Thanks.
0
 

Author Comment

by:LarryDAH
Comment Utility
I enabled it for my account but still no email. Also, for some reason, it keeps resetting back to 'disabled'.
0
 
LVL 11

Expert Comment

by:hecgomrec
Comment Utility
If your 2003 Server is still your "MAIN" server you are not going to be able to open a much newer mailbox on your 2010 Server.  This is by design.

Put your 2010 server as your "Main" server by changing in your router and DNS Server all records that points to your old server to point the new one.

You are going to get your messages back in your mobile and in your computer, but this will bring some issues somewhere else, your OWA will need to be setup and redirected to match the new server settings and if someone uses OWA and is on the 2003 server they won't be able to open their mailboxes... like you where not able to open yours from the phone.

Users will get the following error:

"Your request couldn't be completed because no server with the correct security settings was found to handle the request. If the problem continues, contact your helpdesk."


Reason:   You haven’t set Exchange 2010’s CAS server for it to know what is the URL for your Exchange 2010 Outlook Web App and what is the URL for your legacy Exchange 2003 Outlook Web Access.

Solution:  Open Exchange Management Shell and execute the following by replacing the server with yours:

Get-OwaVirtualDirectory -server internalCASserverName | Set-OwaVirtualDirectory -externalURL https://webmail.yourDomain.com/OWA -Exchange2003URL https://legacy.yourDomain.com/exchange


If your mail flow stop, you might need to add in your 2010 using the EMC under Server Configuration->Hub Transport-Default ServerName receive connector, properties, permission groups "Anonymous users".

You will also have to install a certificate, if your internal and external domains are not the same on the certificate and you can get a "general" certificate or one with up to 5 names on it your users will get the following error message on outlook:

Outlook 2007 security warning: "The name of the security certificate is invalid or does not match the name of the site"

Follow this link to fix that: http://support.microsoft.com/kb/940726
0
 

Author Comment

by:LarryDAH
Comment Utility
Well, I was hoping for some time to do testing. Do you mean that any user who accesses their email via a smartphone, tablet, etc will either need to stay on 2003 during the test to keep their connection?

So the 2010 test users won't have phone access or OWA until I move everyone over and point everything to the 2010 server as the main one?
0
Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 10

Expert Comment

by:Vijaya Babu Sekar
Comment Utility
If your account has admin permission, it will not work inheritance. That's why Ms recommemdaed xadm id for administrative purpose and normal account should be used for normal operation. If you enabled inheritance for your administrative account, it will disabled automatically, Thanks for understanding.
0
 
LVL 11

Accepted Solution

by:
hecgomrec earned 500 total points
Comment Utility
No.!!! As I explained before:

The 2003 box won't open 2010 mailboxes and 2010 box won't open 2003 mailboxes.

When I say box.... I'm talking about OWA and ActiveSync...  remember... when you use a mobile device you're connecting to the server using any of the virtual directory services (SMTP, IMAP, POP or ActiveSync) therefore you can't expect they will have access to each other specially not from 2003 to 2010 but if you follow my suggestion your 2010 will be able to find your and open your 2003 mailboxes.

Now, I'm not sure about Windows devices (not have configured any yet) but I can tell you that latest Android OS will ask for permission on the devices if not accepted the user can't get or send emails because with 2010 you can do lots of things to the phone remotely, like wipe it, reset it, cancel cameras, cancel wifi, etc. This doesn't happen with iOS or BB they will just get disconnected at about 28% of the transfer from 2003 to 2010 and then back to normal when finish.

When I started mine migration I had same issue... like 3 weeks ago... I fixed the issue with the step I gave you... I'm still not done moving my mailboxes, the new box is in control and all users are getting their emails regardless their connection to the server.
0
 

Author Comment

by:LarryDAH
Comment Utility
Vijaya, does that mean if I use the xadm account to enable inheritance for my account I can sync my phone again to my email box on 2010?
0
 
LVL 10

Expert Comment

by:Vijaya Babu Sekar
Comment Utility
No Xadm account will not work with the iPhone. Because it will not allow inheritance, you may try to your normal account. That means should not have any administrative privileges with inheritance. Thanks.
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Junk folder 23 108
ActiveSync Report 2007 3 16
outlook 15 42
recover deleted items report from exchange as opposed outlook 2 32
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now