Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 173
  • Last Modified:

Exchange 2010 Active Sync with iPhone

Hi there

I have a client who cannot access his e-mails when he puts his details in the E-mail settings on his iPhone

the Server is running Exchange 2010

He puts the username / Password / Domain / Server and nothing works

I have tried the same account details on my Android phone it first tells me that there are problems with security certificate for this site and when I press continue I get the following error after checking the incoming server settings : Unable to open connection to Server. Security Error Occurred.

Now I am not very good with exchange in general and Active Sync in particular and have tried to research the issue but got very little information. Can someone please help me to figure out in clear steps what could be the problem?

Thanks
0
M SOS
Asked:
M SOS
  • 5
  • 4
  • 4
  • +2
8 Solutions
 
Will SzymkowskiSenior Solution ArchitectCommented:
I would first start with the connectivity analyzer.
https://testconnectivity.microsoft.com/

Also does this happen with all accounts or just this users account? Does he have activesync enabled on his mailbox?

Will.
0
 
HaroldNetwork EngineerCommented:
Try this, open AD Users and Computers, go to the OU that contains the user to Authenticate, rht-clk the user, left-clk Properties. You should she a Security<tab>, click.

Under Permissions for Administrators, click Advanced. Tick the box "Allow inheritable permissions from parent to propagate to this object and all child objects. Include these with entries explicitly defined here." click apply and/or ok.

Had similar issue on some company phones and some had to restart after applying the permissions. Different phones, reacted differently.

My article was listed as "Exchange 2010 activesync broke", don't see where to share it. Worked for me.

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28417907.html
0
 
M SOSAuthor Commented:
I run the analyser here is the result

 
Attempting to test potential Autodiscover URL https://domain.com:443/Autodiscover/Autodiscover.xml

Attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.

ttempting to contact the Autodiscover service using the DNS SRV redirect method.
       The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.

Any Help?

Thanks
0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
Will SzymkowskiSenior Solution ArchitectCommented:
Based on the test results, it does not appear that you have autodiscover configured externally. Have you tried the manual method using your mail.domain.com address?

Do activesync work for any users?

Will.
0
 
M SOSAuthor Commented:
Thanks for your help so far ... I will check for other users

Can you please guide me through how to check if its configured correctly?

Thanks
0
 
Alan HardistyCommented:
If you have auto discover.yourdomain.com included in your SSL certificate, then you need to create an AUTODISCOVER A record in Public DNS.

If you don't then you need to create an SRV record that points to an FQDN that IS included in your SSL certificate (see the following guide for info:)

http://support.microsoft.com/kb/940881

Alan
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
is this user using the new Outlook app from Microsoft for iOS?  If so, the problem is that it doesn't use activesync yet.
0
 
M SOSAuthor Commented:
Ok Guys your help was great thank you

Now one last request .... can some one point out an article or something on the internet that explains for dummies really how activesync work

Thanks
0
 
M SOSAuthor Commented:
hdoolittle:

What effect or what relation your suggested fix might relate to the issue.

I think it did the trick but I do not understand why.

Thanks
0
 
Alan HardistyCommented:
Basic explanation of how Activesync works:

Each mobile device, when connected to an Exchange Server keeps an open link to the server (which is refreshed periodically by sending a keep-alive ping).

When a new item arrives in the mailbox that a Mobile device is connected to, the server sends a message to the mobile device(s) telling the device(s) to run a sync so that it can pull down the latest content.

The device then syncs and sucks down the latest changed content on the server.

If a user changes something on the device(s), then the device starts the sync to the server to push the changes back to the server.

Alan
0
 
HaroldNetwork EngineerCommented:
M_SOS:  Mr. Alan Hardisty, has explained the activsync. I'm used to this issue now and everytime I setup a new phone for a user. I immediately go the Security<tab> and push these permissions, because I know I'll most likely have to do anyway.

I'm also a little shocked as Alan not forwarding you this link, as it is his posting, that fixed me several months ago.

Good read.....
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html

Another note, even if the phone has sync before you may have to push them again on a previously syncing phone. Also, reboots are required on some phones too.

Another helpful note, if you have timed password changing in AD, they do not push out to the phone, passwords have to be manually updated.
0
 
Alan HardistyCommented:
@hdoolittle:

Didn't see much point posting my article as the link you posted in your earlier post included the link to my article and you outlined exactly what to do in my article too :)
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
Something to keep in mind, although many don't, when setting up accounts with activesync is to give users instructions as to how to change passwords.  I have had too many users locked out because they neglected to turn off their activesync devices when they changed their passwords on their email via OWA.
0
 
HaroldNetwork EngineerCommented:
@Alan  =>  Team Work!   Thanks!
0
 
M SOSAuthor Commented:
Thanks guys for all your great help

But before I close the question I just want to know something about this issue that confuses me a bit.

When I run a test sent to this e-mail username@domain.com on the Microsoft Remote Connectivity Analyser all the steps go fine until the very last step of the test which is ( Attempting to send a test email message to username@domain.com using MX domain.eu.domain.com.)

The server returned status code 421 - Service not available, closing transmission channel. The server response was: Service Temporarily Unavailable
Exception details:
Message: Service not available, closing transmission channel. The server response was: Service Temporarily Unavailable
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)
at System.Net.Mail.RecipientCommand.Send(SmtpConnection conn, String to, String& response)
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 789 ms.

But the client is receiving e-mails

How come?

and again thanks for your great help so far
0
 
Alan HardistyCommented:
Could be a resource issue with the Exchange Server (lack of disk space / memory).  Difficult to know without knowing more details / running more tests.

Could also be AV / Anti-Spam rejecting the message connection attempts or something similar.

Alan
0
 
HaroldNetwork EngineerCommented:
Sorry to insert a question here but do you guys/gals run AV on your exchange server?  I was told not to, a big NO NO, corrupting datastores. So that is the only thing on the exchange server is, exchange.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 5
  • 4
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now