2

We have an Exchange Server 2010 that seems to be running fine.

Currently, we have most people able to connect to Exchange via various means and have a rich exchange email experience. Two of our users can't connect, though -> and I'm hoping someone can help explain some steps I can take to troubleshoot the server problems (assuming it's a server configuration issue).

Firstly, the following people can connect fine to Exchange 2010

  • Dad: iPhone (3Gs) + Mac Air (using Mail)
  • Mum: iPad (wifi) + iPhone (3G)
  • Sister: iMac (using Mail)
  • Wife: iMac (using Mail) and iPhone (3G) and iPad(wifi)
  • Everyone: OWA (any web browser)

Now, when I and my sister use our iPhone's (3Gs and 4G respectively) it keeps failing to connect.

It starts out saying:

Exchange Account. Unable to verify account information.

I'm assuming that i've entered our username/passwords correctly. I've also checked this by logging onto OWA with my username/password .. to confirm my credentials.

Now -> there's only ONE similarity between all these devices.

  • The ones that work -> our exchange account is the ONLY mail account on those devices.
  • For myself, I have another exchange account already in my phone. For my sister, she has an existing GMail account setup on her phone. So we're both trying to add a SECOND email account to our phones. Sounds weird, but that's the only pattern I can see.

So - i'm assuming this is some weird Exchange Server configuration issue. I'm not sure how I can see what is happening on the server.

Can someone suggest some things I can tick on/turn to verbose to get some info about what is happening, please - so I can troubleshoot any mobile user connection attempts?

splattne
  • 28,348
  • 19
  • 97
  • 147
Pure.Krome
  • 6,338
  • 17
  • 72
  • 86

2 Answers2

1

My first question is are the affected users members of (or have ever been a member of) a privileged group (such as Domain Admins or Enterprise Admins)? If so, ActiveSync has issues with administrative accounts.

You can turn up the diagnostic logging for ActiveSync to hopefully give you some pointers to the problem. Open up the Exchange Management Console and go to Server Configuration => Mailbox and chose Manage Diagnostic Logging Properties from the action pane.

Turn the MSExchange-ActiveSync options up to High and try to sync your iPhone and see if you get anything useful. Be sure to change the logging back down to Lowest when you've done - your server will love you for it.

Ben Pilbrow
  • 11,995
  • 5
  • 35
  • 57
  • cheers for the suggestions :) this *exactly* what i was looking for. So, i added those options in ... and nothing happens in my event log (administrative) logs :( no MSExch info about activesync or requests or what :( – Pure.Krome Nov 23 '10 at 02:11
  • Which log are you looking in - they should be logged in the **Application** log. I'm surprised it didn't log *anything* - I'd expect it to log attempts for your iPhone as well as the others iPhones and iPads. You can try flipping logging to **Highest** and see if you get something I guess. – Ben Pilbrow Nov 23 '10 at 11:47
  • For the record, I had to create a new mailbox for myself, because i was the default admin account (even though it was renamed). Secondly, for my sister's iphone, i had to 'reset network settings' .. and then things started to just work. weird / wtf! :) – Pure.Krome Jan 11 '11 at 22:46
1

If you're concerned about device problems you can do a test for your account using this Microsoft tool.

https://www.testexchangeconnectivity.com/

The error output from that tool also helps with troubleshooting.

As suggested by Ben the issue may also be permissions on your user accounts due to them being in privileged groups (either currently or in the past).

You can check whether inheritable permissions is enabled on the user objects by following these steps (refers to OWA issues but its the same tickbox to check).

http://exchangeserverpro.com/users-unable-to-access-outlook-web-access-after-mailbox-moves

As a general rule you'll have these sorts of problems with mailbox-enabled accounts that are in those privileged groups. Its less hassle to use a normal user account for your email and a separate account for admin tasks.

Paul Cunningham
  • 281
  • 1
  • 4