Quantcast
Channel: Exchange Server 2013 - Mobility and ActiveSync forum
Viewing all 1206 articles
Browse latest View live

Publish EAS client certificate authentication

December 12, 2016, 9:32 am
$
0
0

Hi,

We're trying to publish Exchange Active Sync (Exchange 2013) client certificate authentication using ADFS/WAP Windows 2012 R2). We managed to publish OWA through WAP with ADFS pre-authentication, and it works fine. However, when trying to publish EAS (WAP with pass-through), it fails. Testing connection using tool from http://mobilitydojo.net/2010/05/19/securing-exchange-activesync-with-client-certificates-lan-access/, it gives the following error: 

Testing HTTP GET:
Response: The remote server returned an error: (403) Forbidden.
Explanation:
The server requires SSL and will not let you connect over HTTP.
(For instance trying to connect over HTTP while IIS requires SSL.)
Status: Further action required
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Testing HTTP OPTIONS:
Response: The remote server returned an error: (403) Forbidden.
Explanation:
The server requires SSL and will not let you connect over HTTP.
(For instance trying to connect over HTTP while IIS requires SSL.)
Status: Further action required

Thank you for any help.


alfa21

Search

ActiveSync work with old password

December 15, 2016, 2:38 am
$
0
0

Hi,

We have recently observed that though we change the user password in AD, ActiveSync still works with old password without prompting new password for many hours.

The above behavior considered to be security breach. 

Can someone advice if there is any workaround to have the activesync device prompt for the password immediately once its changed in AD.

Regards,

Sridhar

Activesync test environment

December 25, 2016, 2:13 am
$
0
0

Hi

I have Exchange 2013 , 400 users connected with MDM with standard authentication "ignore client certificate"

I wont to start working with Certificate Authentication and test it before

How I can create environment for testing without disconnect all production users ?

   

How Can I Restrict ActiveSync users to Sync only during office working hours?

December 26, 2016, 4:15 am
$
0
0
Hello all,

Our CEO raised a question (we think after reading the article "French Legislation Suggests Employees Deserve The Right To Disconnect" regarding users working (Reading e-mails and responding to them) after normal office hours and specially during the weekend, he asked how can we as the IT restrict the users so that they will not receive e-mail's via "PUSH" e-mail to their Mobile Devices (if they want to manually receive e-mails via "Fetch" or manual sync they  should still be able to do so but the server should not "Push" the e-mails to them during non working hours).

as far as i can remember from exchange 2003 at least while using the ActiveSync we would have been able to choose if the device would "Fetch" / Manually sync e-mails and even configure Off Peek hours during which the device will not sync automatically (only manually), of course that this was done to conserve the Internet Data consumption and in turn conserve the charges to our mobile bill at the end of the month.

as of a couple of IOS versions ago (don't remember when it changed) the off peek times are no longer available as an option and you can only configure "PUSH" / "FETCH" / "Manual" sync but even when you configure it to "FETCH" the device has only 15m / 30m / Hourly / Manually options available, the Off Peek is no longer available.

don't know if the same is true with Android / Windows Mobile devices.

in any case the question is: is there a way to confine the activesync users ot work in "FETCH" / "PUSH" mode only during working hours and still be able to sync manually during non working hours?



Thank you.


Certificate Based Authentication (iOS) - initially connects fine then "The connection to the server failed"

May 31, 2013, 5:10 am
$
0
0

I've setup certificate based authentication for activesync on Exchange 2013.  We're using primarily iOS devices and that's all I'm testing with for now. 

I apply the profile using Apple's iPhone configuration Utility, install the profile on the phone and my mailbox syncs as expected.  I can send and receive messages for a short time, somewhere between 2 and 5 minutes.  After that I cannot get a connection again and get the message "The connection to the server failed."  I am able to access the server through safari so network connectivity is OK.  The only way to regain a working activesync connection seams to be either rebooting the phone completely or instructing the iPhone to "Reset Network Settings" which also ends up rebooting the phone.

I have verifiied that "Include inheritable permissions from this object's parent" is selected in the users AD security settings which was the only item I have found that may relate to this error in my searching.

I did have certificate based auth working in my Exchange 2007/2010 environment and also in my Exchange 2013 test environment.

The Exchange remote connectivity analyzer test for activesync fails but only because of the certificate auth which it doesn't seem to be setup to handle.  Everything else passes.

MS Outlook 2016 inability to connect to an Exchange Server using ActiveSync

December 27, 2016, 1:45 am
$
0
0
Hi,
I have Exchange Server 2013. To communicate with the server I use mail clients Ms Outlook 2010-2013 with Exchange ActiveSync.
On the DNS server I have a record A autodiscover.domain.com.
In the case of Ms Outlook 2010-2013 configuring e-mail accounts using Exchange ActiveSync (EAS) everything is fine.
When I installed MS Outlook 2016 and Configure Exchange ActiveSync this mail client can not connect to the server.

what can I do?

ActiveSync server name and domain name changed

December 31, 2016, 8:18 am
$
0
0

Hello everybody,

I make a coexistence between exchange server 2010 and exchange server 2013, and make new accepted domain and new certificate cause the client want to change the domain name to be @<new domain name>.org instead of *@<old domain name>.org, everything works fine but the autodiscover and activesync.

shall the server name changed manually for activesync or there is a way to do that automatically?

Mohammad Naji senior exchange administartor

Coexistence 2007 and 2013 ActiveSync not working

January 4, 2017, 5:35 am
$
0
0

I am hoping somebody can help or has ran into this. We installed Exchange 2013 CU15, and everything is working. We changed all of our URLs to Legacy.domain.com and autodiscover and mail.domain.com point to 2013. Outlook and OWA work fine for both users on 2013 and 2007. The issue is our mobile devices. Users on 2007 can not get connected on the mobile device. Users on 2013 work fine without issues. I have set the External URL on 2007 for Active Sync to $null as well. When running the exchange connectivity test and the error I get is below. Anybody have any ideas?

Attempting to send the OPTIONS command to the server.
 	Testing of the OPTIONS command failed. For more information, see Additional Details.

	Additional Details

A Web exception occurred because an HTTP 400 - BadRequest response was received from Unknown.
HTTP Response Headers:
request-id: 5032f128-653d-461b-ae4a-725f5d107543
X-CalculatedBETarget: Internal_Server_Name
X-MS-BackOffDuration: L/-470
X-DiagInfo: Internal_Server_Name
X-BEServer: Internal_Server_Name
Cache-Control: private
Content-Type: text/html; charset=us-ascii
Set-Cookie: ClientId=RT0VAICUKYNZLSMKPQCG; expires=Thu, 04-Jan-2018 13:33:39 GMT; path=/; HttpOnly,X-BackEndCookie=S-1-5-21-576079393-3807162691-548639514-56446=u56Lnp2ejJqBy8jJmcnIyMfSyM7HmtLLyMua0p6emcjSmcqazMzJx8vLnJnOgYHNz87I0s/N0s/Mq87MxczMxczG; expires=Fri, 03-Feb-2017 13:33:39 GMT; path=/Microsoft-Server-ActiveSync; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FEServer: Internal_Server_Name
Date: Wed, 04 Jan 2017 13:33:39 GMT
Content-Length: 346
Elapsed Time: 412 ms.



Anthony Zepeda

Search

Custom Activesync Aural Notifications based on mail type (rules) ?

January 5, 2017, 6:08 am
$
0
0

Hello group.

I am using an android device with ActiveSync.

I wonder if it is planned to add custom notification sounds based on a mail rule natively on all activesync ports.

It would indeed allow us administrators to manage at once important monitoring alerts without having to look at the phone everytime a mail pops-up.

If there is a possibility of external management through a third party app, it may be a good temporary solution, or if the feature is standard on Windows Phones it could also be a temporary workaround.

I hope some Developpers  will look at this and figure out something. ;)

Thank you !

Shared calendars not syncing between mobile clients and Outlook-desktop

January 5, 2017, 12:50 pm
$
0
0

On Exchange 2013, I setup a public folder and a calendar-enabled subfolder for one office to use.  I added permissions, and everyone can see it and use it as intended in Outlook 2013.  When the calendar was added to the user's mobile devices (the calendar shows up just as intended) the appointments are not there.  When a user adds an appointment from their mobile device to the shared calendar, it syncs across all shared mobile devices, but not with Outlook.

Has anyone else seen this behavior, and are there any suggestion to overcoming it?

I thought about just creating a common mailbox that everyone adds as a separate account to their mobile devices, but I don't want mail to flow to or from that account by anyone.

Smart Phone Active Sync using http

January 6, 2017, 5:40 am
$
0
0
I have a customer that insists on using http for their OWA.  I'm having difficulty setting up their phones to sync with their mailbox.  I've had no issue at other sites when using https for OWA is their something different I need to do for http when using OWA and active sync with Smart Phones?

Issues with Syncing Android to Exchange - Error log attached -

January 6, 2017, 11:32 am
$
0
0

Hi,

I hope someone can help. My android device running 7.1.1 will connect to exchange and most instances will download all of my contacts except for 20-50 (depends on the sync). I have 2500 contacts.  Once the sync is done and my contacts are there, no changes made on my device to existing contacts or two new contacts will update exchange.  I have tested a small number of contacts in another exchange account that that would work fine. I read online about the ability to track a sync log from Exchange within Office365 portal which I did do and found the following errors.

I didn't post the entire log as it does have some email info in there but happy to share with you if it can help. This is a big problem because third party apps like outlook for android don't support bi-directional sync so if you have a contact change, you're unable to make it which is almost useless.  I also need my address book to be local in the contacts app so you can use messaging, phone, favorites, whatsapp and so sorth.  I've spent way too much time trying to figure this out and driving me crazy to ....as i'm sure you can imagine.  This error while somewhat helpful, isn't helpful at all as i have no idea what exactly it means nor does it address specific contacts that may be causing the issue. Then again, this error may not be the problem at all.

Please assist if you can.

thank you,

Damon

ResponseHeader : 
HTTP/1.1 200 OK
MS-Server-ActiveSync: 15.1
X-MS-ASError: Message = Element 'Contacts::HomeAddressCity' cannot appear more than once if content model type is "all".; Severity = Error
X-MS-ASError: Message = Element 'Contacts::HomeAddressCity' cannot appear more than once if content model type is "all".; Severity = Error
X-MS-ASError: Message = Element 'Contacts::HomeAddressCity' cannot appear more than once if content model type is "all".; Severity = Error
X-MS-ASError: Message = Element 'Contacts::HomeAddressCity' cannot appear more than once if content model type is "all".; Severity = Error
X-MS-ASError: Message = Element 'Contacts::HomeAddressCity' cannot appear more than once if content model type is "all".; Severity = Error
X-MS-ASError: Message = Exceeded maximum number of bad items: 4; Severity = Error


ResponseBody : 
<?xml version="1.0" encoding="utf-8" ?>
<Sync xmlns="AirSync:">
<Status>4</Status>
</Sync>

ResponseTime : 
01/06/2017 01:19:00

Synchronization of mails not working on mobile data works OK on wireless

November 14, 2016, 11:14 pm
$
0
0

Hi

We are expirencing a strange problem with activesync on mobile phones.

The synchronization does not work when we are using mobile data connection. It searchs for connection for a long time, and then we get this error: "Unable to receive mail. The connection to the server was interrupted."

It works OK on Wireless internet.

Sometimes it's working on mobile data but most of the time it doesn't.

The problem started at the start of this month

I called our telecommunications Company, but the problem is not at them.

Our Exchange consultant says that everything looks OK on the server.

Any idears what to try ?

Text to Email. How do I stop it??

January 10, 2017, 6:52 pm
$
0
0

Ok, so every single text message I get, it comes to me as an email as well. The sender is the phone number of the person that texted me, and the "to" is my phone number.

The most common solution to this is in the Exchange settings on my phone, finding the option "SMS Sync" and unchecking it. However, in my settings, that is already unchecked, so I'm at a bit of a loss as to what to do. I've been on the phone with 3 different tech department calls, and an online chat help with my service provider, but nothing has fixed the problem.

My email is getting very backed up very quickly, as I do a lot of my business through texting, you can only imagine how frustrating this is right now!

Delegate ActiveSync Device Approval

October 29, 2014, 10:06 am
$
0
0

Hi there,

anyone worked out full set of permissions needed to delegate permissions to  Allow/Block quarantined Activesync devices in ECP ?

Went over this thread:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27427812.html

but this does not seem to work with Exchange 2013 SP1

I'm trying to save time before going over the necessary roles one by one.

The goal is to assign helpdesk (or any other group) the minimal set of  permissions to view quarantined devices and be able to click allow/block without seeing (or being able to modify) anything else in ECP.

Any help is mostly appreciated.

Thanks

Search

Smartphone & Tablet sync

January 15, 2017, 10:50 am
$
0
0
I am having sync issues with the notes section of tasks/to-do's when syncing from outlook with Android or iOS. If I create a task in outlook it syncs fine to all my mobile devices. If I create a task on my mobile devices it syncs with Outlook fine also. The problem only occurs when a task that has been created in outlook has the notes edited on one of my mobile devices. This then syncs back to outlook with a different font and format. Any ideas how this can be fixed?

ActiveSync Event ID 4023

November 18, 2013, 7:21 am
$
0
0

Hello MS Community!

Running Exchange 2013 CU2 with all applicable patches.  Server has been in production for 2 month now.  Over the last couple of weeks Event ID 4023 started to appear in the Application Log.

Log Name:      Application
Source:        MSExchange ADAccess
Date:          11/18/2013 10:00:39 AM
Event ID:      4023
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      server.domain.loc
Description:
Process w3wp.exe (AirSync) (PID=3388). The budget for user 'DOMAIN\username_HTC188c824b2995ba5de8ef4a3ef73ae_htcvigor' is locked out until 11/20/2013 6:20:12 PM.  Max Burst: 240000, Recharge Rate: 360000, CutoffBalance: -600000

This is happening for iOS and Android users.  I reviewed both the Global Throttling Policy and Default Throttling Policy.  There are no other policies in place.   Global Policy is read only and can't be modified.  For Default policy I doubled the  EasCutoffBalance, EasMaxBurst, EasRechargeRate.  Restarted the Microsoft Exchange Throttling service.  Still the same issue.    Checking affected mailboxes with Get-MailBox shows no ThrottlingPolicy assigned, so default must be in effect.  So there are 2 questions: 

1) Why is it happening all of a sudden?

2) Why modifications to the policy make no difference?

Thanks!

Mobile Devices - Behaviour of "Require sign-in after the device has been inactive for (minutes):"

January 18, 2017, 6:20 am
$
0
0

Hi

I have a question about the behavior of "Require sign-in after the device has been inactive for (minutes):"

Require sign-in after the device has been inactive for (minutes):

When changing the time settings, the behavior is not the same on all devices. There is differences between the different versions of IOS and different versions of Android phones.

I have tested it on:

IPad with IOS 9.3.5

IPhone with IOS 10.2

Samsung Galaxy S7 Edge with Android 6.x

Samsung Galaxy S5 with Android 6.x

but the behavior is different(time length available to lock phone) on all devices, for how long you can select the default lock time to be.

On IPad IOS 9.3.5
If you set the "require sign-in af.... " to 6 or 8 min. on the exchange server
the effect on the IPad is that you can select 2 and 5

If you set the "require sign-in af.... " to 4 min. on the exchange server
the effect on the IPad is that it is set to 2 min, and is grayed out so you can't select anything.

On IPhone IOS 10.2

If you set the "require sign-in af.... " to 6 or 8 min. on the exchange server
the effect on the IPhone is that you can select 5, 4,3,2,1 min or 30 sec.

If you set the "require sign-in af.... " to 4 min. on the exchange server
the effect on the IPhone is that you can select 4,3,2,1 min or 30 sec.


Android 6.x

If you set the "require sign-in af.... " to 6 min. on the exchange server
the effect on the Samsung Galaxy S7 Edge is that you can select 3,2,1 min or 30, 15, 5 sec.

the effect on the Samsung Galaxy S5 is that you can select 4,2,1 min or 30, 15, 5 sec.

If you set the "require sign-in af.... " to 4 min. on the exchange server
the effect on the Samsung Galaxy S7 Edge is: Have not tested this yet

the effect on the Samsung Galaxy S5 is that you can select 2,1 min or 30, 15, 5 sec.

This seems like a rather strange behavior, but the good thing though is that it is never possible to set it higher than what we set in the "require sign-in af.... ".

Is the behavior supposed to be like this?


Disabling mobile outlook app for selected user

January 18, 2017, 10:55 pm
$
0
0

Hi,

I would like to know how to disable user from accessing their mail through outlook app on their phone. I have disabled owafordevices and activesync for individual account but they are still able to access their mail. any advice?

How to remove Mobile Device when it cannot be found

January 19, 2017, 2:39 pm
$
0
0

Hi all,

I am running Exchange 2013 and have Active Directory at a functional level of 2008 R2.  Before migrating accounts between subdomains within the same forest, I had disabled Exchange ActiveSync in the ECP. After I had done that I went to ADSI Edit and deleted the leave object.  After those things had been done I proceeded to migrate the account to another subdomain. After that was done I went back to the Exchange ECP and I enabled Exchange ActiveSync again. However I didn't realize that there were existing Mobile devices that had been sync'ed. 

Every time I try and delete them it says that the "mobile device cannot be found". I've went to Exchange Management Shell and tried to do it from their and I got the same error.  It can't find the GUID or anything..  

I've tried to migrate the accounts back to the original place in active directory and then try to delete these mobile devices and got the same error..

Nothing I've tried works.  Is there something else that I can try to remove these?

Viewing all 1206 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>