Quantcast
Channel: Exchange Server 2013 - Mobility and ActiveSync forum
Viewing all 1206 articles
Browse latest View live

Migrating from SHA1 to SHA2 on Exchange

July 26, 2016, 3:07 am
$
0
0

Recently we had renewed our webmail certificates on digicert certificate authority and had to use the SHA2 SSL certificates as the older SHA1 version deprecated already.

The installation of the certificates was done on all required mail servers within the domain including our barracuda load balancer.

We had some warnings poping up for users within the domain before installing the new certificates because the older ones expired before we do the renewal where users at that time were not able to connect to exchange from outside after certificate expiration.

After renewal domain users restored connectivity to exchange with no warning coming up within office and are able to access Webmail using OWA from outside without a problem.

But these domain users are now unable to connect to exchange from outside due to some reason which we are investigating and I came across several articles which I wanted to consult experts about regarding SHA2 side effects on relation and connectivity to back-end.

Enabling TLS 1.2 on IIS 7.5 for 256-bit cipher strength: http://jackstromberg.com/2013/09/enabling-tls-1-2-on-iis-7-5-for-256-bit-cipher-strength/

Appreciate any help on the matter.
Search

Some Calendar Items Don't Show on iPhone

July 26, 2016, 12:44 pm
$
0
0

Hi,

I have a user who's calendar is shared with his secretary.  She often adds invites/entries to his calendar.  He receives the email notification about a new invite and accepts them.  Most of his calendar entries show up in his iPhone but sometimes a meeting does not show in his iPhone though they still show up in his Outlook Calendar.  We're on Exchange 2013 CU8 and the user is on Outlook 2010, IOS 9.3.2.  Any assistance would be appreciated in helping get this calendar syncing to work 100% would be great.

Thanks,

John

Call Display Settings

August 10, 2016, 1:59 pm
$
0
0

Sorry if you feel this issue isn't right for this forum. I'm trying to get it looked at from many different angles.

This question isn't for a particular model of phone as I've seen it on Samsung and Apple devices. Devices are connected to corporate email via ActiveSync. UserA adds an entry (UserB) from the global address list to their personal contacts. These contact cards have an entry for 'Assistant Phone'. They also add that persons assistant (UserC) to their personal contacts. Now, when UserC or UserB call UserA, the display actually reads'UserC or UserB'.

Sometimes, if UserB calls UserA, the display says 'UserC' but in smaller letters, it says 'Assistant'.  

My question is, how do you get the call display to ignore contact fields like 'Assistant' so that the call display shows who is actually calling? Is this even possible?

Outlook still showing deleted .ics calendars in Windows Phone

July 10, 2013, 1:13 am
$
0
0
Last year I subscribed to a couple of sports fixtures calendars on the internet (.ics). For the Six Nations rugby actually. I deleted them months ago from Outlook (my company Exchange 2010 account) and they don't show up in Outlook 2013 either on my work or home PC. However, I recently got a Windows Phone and added my company Exchange account, and for some reason they still show in the list of calendars and there's no way to remove them, only hide them. 

They must be still hidden away somewhere in my Exchange account, does anyone know how I can purge them? Thanks in advance!

Windows 10 mail client returns 0x86000c2a syncing ActiveSync

July 19, 2015, 6:47 am
$
0
0

When trying to sync with Exchange ActiveSync it works for about a day then starts returning the error 0x86000c2a "We weren't able to apply the security policy that's required by "eas.xxxxxx.com". Contact your company's support person to fix the problem."

But since I'm that support person it doesn't tell me what to do about it or who else I can contact. I can't imagine what I could change on the Exchange server to fix this when it works with every other platform including the Windows 8/8.1 email client.

I've just downloaded the latest version of the email client (version 17.6017.42001.0) and it still has the problem. With Win 10 build 10240.

Any additional information on this problem would be appreciated.

Outlook App, native calendar and shared mailboxes

August 14, 2016, 1:57 pm
$
0
0

Nice App.

Allthough two things annoys me:

1) Can't seem to sync Outlook calendar with native Android calendar (guess the issue is the same with iOS).
I am aware that I can create a Google account in Outlook App... but it will not give me the ability to filter share calendars in Google. Would like the ability to use different calendars as an overlay on native android calendar.

2) I can't open shared mailboxes in the Outlook App. Tried to create an additional account manually and indicating the emailadress, AD domain, login and password for a user with full access to that shared mailbox, but I am getting an authentication error while I am positive that the account typed is correct.
From what I understand is that the upcoming Outlook Web App for mobile can do it... but why is this not possible on the "real" app?

Regards, Lars.



Outlook connecting within premises but not from outside

August 14, 2016, 9:58 pm
$
0
0

We are facing this issue where laptops are able to connect within premises to exchange but not from outside.

Activesync also stopped working for some people but not all.

This behavior occurred after we renewed our SSL certificates recently.

On one of the mobiles I got the following log:

Checking Certificate...Checking to see if server is self-signed :https://***.***.***.**

Server cert IS trusted, disabling accept all certs

SSL handshake aborted: ssl=119476e8: I/O error during system call, Connection reset by peer:Exception performing request

ActiveSync version check returned negative, but still trying for 12.1

Can you force device encryption for EWS

August 15, 2016, 12:55 pm
$
0
0
We are trying to secure our systems that use activesync and EWS. Since activesync stores some items locally we enforce device encryption so even if the device cannot be wiped the data is still encrypted. I'm not sure if there is a similar option for EWS. I can't find anything close when I research it. I understand that EWS can be blocked for specific users or turned off entirely. Is there an option or policy where you can enforce device encryption on a client system that is using EWS to connect to Exchange. Any assistance appreciated.  
Search

Cannot view the history thread of the email forwarded by iPhone

August 17, 2016, 11:24 pm
$
0
0

Hi

I have a weird email forwarded by one user from his iPhone. The history of the email thread is NOT visible from the recipient's outlook client and OWA. However it is visible from the sender and recipient's iPHONE.

The environment i have are;

  1. Exchange 2013 CU12
  2. Outlook 2013
  3. iPhone running on iOS 9.3.4

Did anyone encounter the similar problem before?

Regards

Lin

False Quarantine Emails

August 19, 2016, 6:43 am
$
0
0

We have been running Activesync with our mobile devices with Exchange 2013.  However, in the last few days, we have begun getting emails for a few specific phones being disabled.  It appears to be a few users who have set up new iphones, initially were getting quarantined (by our policy), but when we approve them, they continue to get emails stating that they are quarantined.  This has happened to 3 different users so far, and has happened for several days.  One in particular is getting emails roughly two every hour.  However, if I go check the quarantined devices in exchange, I get zero devices quarantined, and they are still getting other emails.

Any suggestions?

User account automatically CC's itself when replying all to any email on iOS devices

August 22, 2016, 7:38 am
$
0
0

Hi,

To start, yes the "CC Myself" feature is not enabled on any of these devices.  Any new iOS/EAS device the user is setup on exhibits this behavior.  On emails sent only to him, the "reply all" feature is there unlike other user accounts where only "reply" available on direct email messages.  It's like it doesn't recognize his address as belonging to the account.  This is the only account in the org of nearly 2000 user accounts that behaves like this.

This account does have an unusual history.  Our typical naming convention for accounts is {first initial}{last name}: jsmith.  When a mailbox is created, its alias would be jsmith and its primary address would be jsmith@domain.com, which matches the UPN, with a john.smith@domain.com secondary.  A couple years ago, this user wanted another initial added to his primary and to no longer receive mail at his previous primary and secondary.  He was given jdsmith@domain.com while jsmith and john.smith were deleted.  This is the only difference I know of between this account and any other account.  On other accounts, we have varying primaries of first.last@domain.com and even name@otherdomain.com, and they all function perfectly fine.  The only mitigating factor is they never had the email address that matched their UPN and alias base deleted.  That said, I can't replicate this behavior by creating a test account and then editing it to match this.  Do an autodiscover request returns valid results as well.

What else could be wrong with this account?  Unfortunately this is an executive, so I'd like to avoid deleting the mailbox and recreating it given the unforseen issues that may cause.  Likewise I've gone through multiple rounds of device testing, test accounts, etc, and I'm essentially at a place where I'm just throwing stuff against a wall to see what sticks.  Thanks!

Preventing New ActiveSync Devices from Connecting to Exchange Server 2010

August 22, 2016, 2:16 pm
$
0
0 
Hey Guys,
I have problem when a user in ym organization make the active sync configuration, he/she autmatically gets the Email
thier mobile phone without the Confirmation of admin and Admin also didnt receive any Emails about it.
so i have check the activesnyorganization setting and it says th default acccesslevel is qurantine and admin email is set for receiving the 
confirmaion email but this is not happening.
C:\>Get-ActiveSyncOrganizationSettings | select DefaultAccessLevel | fl

DefaultAccessLevel : qurantine
any Advice, what can be wrong ?

Unable to sync shared mailbox simultaneously from more than one iPhone devices using same user account.

August 24, 2016, 5:13 am
$
0
0
  1. Active Sync users are not able to sync shared mailbox simultaneously from more than 1 iphone device if they use common user account.
  2. If they try to sync the same shared mailbox from one device at a time, it works fine on all the iphone devices. Only simultaneous sync requests are having issues.
  3. Wants to now if this is a limitation of ActiveSync which is not allowing shared mailbox to sync from multiple iphone devices using same user account.

Exchange server used is Microsoft Exchange server 2010 sp3 Update Rollup 5.

Quick response will be appreciated!

Event 1033, MSExchangeActiveSync Warning

January 8, 2014, 7:53 pm
$
0
0

Hi there,

We are getting MSexchangeActiveSync warning messages -event ID 1033 on Exchange 2013 CU3. Details can be seen below. As we are in the process of mailbox migration from exch 2007 to 2013, we are also noticing activesync issue once a while. I couldn't come across anything regarding to warning message and I'm curious if this is somehow link to activesync issue that we are noticing?

"The setting SupportedIPMTypes in the Web.Config file was missing. Using default value of System.Collections.Generic,List`1[System.String]."

PS: Restarting activesync pool helps and restart the activesync connections as it is mentioned on the link.

http://social.technet.microsoft.com/Forums/exchange/en-US/2c52ab78-a6b2-4fd0-8239-808b67a6d427/event-logs-repeating-event-id-5011-was-and-6002-ping-of-mdb?forum=exchangesvrmobility

Thanks,

Cem

ActiveSync Server Setting

August 28, 2016, 10:18 am
$
0
0

This is actually for Exchange 2010 SP3, rollup 13. I did not see a category for 2010 listed in the drop down. Hoping someone has come across this before. I am guessing it would be a similar issue in 2013.

Exchange 2010 is setup and working well. OWA, phones, certs all good. My small issue is that when users add their email account to their phone (testing with Galaxy S6), the first attempt fails and then you have to choose manual settings and enter the internal domain name and the name of the mail server. The internal domain name is prepopulated with \username. So the user needed to enter 'domain' in front of the slash. I've gotten around that with the \ and the local domain name in the realm of the basic authentication settings under Microsoft-Server-ActiveSync virtual directory in IIS. But there's a problem...the server name field still defaults to domain.com, when it should be mail.domain.com. Since that makes the process fail and the domain field still defaults to /username, the user still thinks they need to enter domain in front of /username so it kind of renders the first fix useless since the user will still be compelled to fill out both fields anyway. If I choose manual settings and only adjust the server name to mail.domain.com (after fixing the \ part) the setup works, leaving the domain field as is. But the user will never know that and it would be a confusing communique to issue. So i have managed to trick it - for which I am feeling quite proud of myself - On the first setup screen if I enter username@MAIL.domain.com ('mail' just so happens to be the correct name of our server) the process works! Every time. But that might be an even more confusing user communication to users..."Just use username@mail.domain.com" So my first question is WHY does that work?? And then is there a way to have ActiveSync and/or Autodiscover tell the client on the phone what the correct mail server name is? Thanks for reading and for any assistance.



Search

Determine if a Mobile device has a PIN (or other security) enabled

August 30, 2016, 12:08 pm
$
0
0

We currently do not require ActiveSync users to use a PIN or other security method to lock their phones or tablets and we would like to get a view of how many of our users are actually using a pin or other method to lock their device.

Is it possible to determine if an activesync device has a PIN (or any security method, ie pattern, face recognition) enabled on it?

I have looked into Get-ActiveSyncDevice and Get-ActiveSyncDeviceStatistics but do not see a property for security/pin/whatever.

Is this possible to find out?

Possibility to prevent Mail-Sync via EAS

September 2, 2016, 2:46 am
$
0
0

Hi,

one of our customers defined a requirement to prevent Mail-Sync via ActiveSync.
They only want to allow sync of Calendar and Contacts to mobile devices.
Unfortunately they don't have a MDM-solution.

They use Exchange 2013.

I checked the Cmdlets Get-MobileDevicePolicy, Get-ActiveSyncVirtualDirectory, Get-CasMailbox, Get-Mailbox for related Attributes, but there are no options which do the work.

Is there any option i missed?

Regards,
Thomas

Activesync devie and Active directory expire password

September 5, 2016, 2:56 am
$
0
0
Just quick question, if the user's Active directory password expired. Will it shop the mail flow on the ActiveSync mobile device?

ActiveSync Password Policy

September 5, 2016, 6:29 pm
$
0
0

Dear Sir,

I would like to know the relationship between ActiveSync Password policy and Windows Active Directory password policy. If I configured ActiveSync Password policy's length is 4 characters and Windows Active Directory password policy's length is 8 characters. Does the mobile user need to follow which password policy? 

Best regards,

KM Wong

incoming email found in users OWA outbox

September 12, 2016, 8:24 am
$
0
0

Hello,

An email from another company addressed only to one person, that being a single recipient in our company, disappeared from the users iPhone (6s running 9.3.5) shortly after seeing it listed in the Mail app and I later discovered that it was in the Outlook Web Access (Exchange 2010 14.3.123.4 on 20088R2 Standard) outbox for that user/recipient.  The user never viewed it in Outlook or saw it in the Inbox.  I found a copy of it in his Outbox in OWA by doing a search for the email, but did not find it in Outlook’s outbox.  He hadn't accessed OWA.

What might explain the presence of the email in the OWA outbox?

-I’ve since unenrolled/reenrolled the iPhone in AirWatch as a precaution.
-I've removed 4 extra/old devices from ActiveSync for the user so that only his current two devices are shown.
-There were no rules in Outlook or OWA for the user that could cause this that I saw.
-I found nothing unusual in how the email was received through Mimecast (auto allow) or Exchange (Receive and Deliver EventID's in Message Tracking).

Viewing all 1206 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>