Greetings!
We have a trouble with our linked mailboxes and ActiveSync.
Enviroment:
Two forests with full trusts.
In First forest we have Exchange 2013 CU7.
If we move user from First forest to Secondary, or if we create a new user in Secondary forest, and make his mailbox as linked, then users can't connect these with their iPhones (with latest updates).
iOS mail config screen says: Unable to verify account information
But Windows Phone or Android do it well.
I try to use http://testconnectivity.microsoft.com/ and I get a error:
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Additional Details
Elapsed Time: 172 ms.
Test Steps
Attempting to send the OPTIONS command to the server.
Testing of the OPTIONS command failed. For more information, see Additional Details.
Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...
403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)
So I think that it's maybe a TMG issue, but maybe somebody knows why is Windows Phone and Android do it well, but iOS don't? And when I try to log iOS connection - there is no TMG errors.