none
Exchange 2010 - Unable to verify account information

    Question

  • I am getting the same error on my newly installed Exchange 2010 "Exchange Account Unable to verify account information." My existing Exchange 2003 is working just fine using different URL (i.e., webmail.domain.com).  The new Exchange 2010 has a url of mail.domain.com.

    Someone posted that they resolved it by removing the OWA redirection on exchange 2010.  How do you this? This may fix my problem too. Thanks!

    Monday, November 07, 2011 12:12 PM

Answers

  •  

    I solved the problem by resetting virtual directory in CAS and creating a brand new Activesync.


     Thank you for reply. 

    Relfe


    Relfe
    Tuesday, November 08, 2011 6:13 PM

All replies

  • Could you please paste the output of Get-OWAVirtualDirectory |FL?

    Also, do you have any page redirect enabled on CAS servers?

    Could you please check the application log on CAS servers to see any related errors?

    Is this a problem with all users? If yes where are their mailboxes, Exchange 2003 or Exchange 2010?


    Milind Naphade | MCTS:M (Exchange 2007 and 2010) | http://www.msexchangegeek.com RSS Feed
    Monday, November 07, 2011 12:21 PM
  • Hello Mr. Naphade,


    Here's the information.

    I did redirect  OWA to legacy.domain.com so that I can allow my users to still connect to my exchange 2003.  This works after I enable the form based on exchange 2003. 

    No errors on application log

    The active-sync on iPhone does not work to all users on Exchange 2010.  Users on Exchange 2003 still works using the external url.

    Current external URL on Exchange 2003 - webmail.domain.com

    Current external URL on Exchange 2010 - mail.501c.com

    Everything is functioning on Exchange 2010 (i.e., Outlook, OWA, email flows) except for Active Sync.

    Note: I replaced domain.com with our domain name.


    [PS] C:\Windows\system32>get-owavirtualdirectory |fl


    RunspaceId                                          : 104c3514-9980-413d-a582-705ff5d7acfd
    DirectFileAccessOnPublicComputersEnabled            : True
    DirectFileAccessOnPrivateComputersEnabled           : True
    WebReadyDocumentViewingOnPublicComputersEnabled     : True
    WebReadyDocumentViewingOnPrivateComputersEnabled    : True
    ForceWebReadyDocumentViewingFirstOnPublicComputers  : False
    ForceWebReadyDocumentViewingFirstOnPrivateComputers : False
    RemoteDocumentsActionForUnknownServers              : Block
    ActionForUnknownFileAndMIMETypes                    : ForceSave
    WebReadyFileTypes                                   : {.xlsx, .pptx, .docx, .xls, .rtf, .ppt, .pps, .pdf, .dot, .doc}
    WebReadyMimeTypes                                   : {application/vnd.openxmlformats-officedocument.presentationml.pre
                                                          sentation, application/vnd.openxmlformats-officedocument.wordproc
                                                          essingml.document, application/vnd.openxmlformats-officedocument.
                                                          spreadsheetml.sheet, application/vnd.ms-powerpoint, application/x
                                                          -mspowerpoint, application/vnd.ms-excel, application/x-msexcel, a
                                                          pplication/msword, application/pdf}
    WebReadyDocumentViewingForAllSupportedTypes         : True
    WebReadyDocumentViewingSupportedMimeTypes           : {application/msword, application/vnd.ms-excel, application/x-msex
                                                          cel, application/vnd.ms-powerpoint, application/x-mspowerpoint, a
                                                          pplication/pdf, application/vnd.openxmlformats-officedocument.wor
                                                          dprocessingml.document, application/vnd.openxmlformats-officedocu
                                                          ment.spreadsheetml.sheet, application/vnd.openxmlformats-officedo
                                                          cument.presentationml.presentation}
    WebReadyDocumentViewingSupportedFileTypes           : {.doc, .dot, .rtf, .xls, .ppt, .pps, .pdf, .docx, .xlsx, .pptx}
    AllowedFileTypes                                    : {.rpmsg, .xlsx, .xlsm, .xlsb, .tiff, .pptx, .pptm, .ppsx, .ppsm,
                                                          .docx, .docm, .zip, .xls, .wmv, .wma, .wav...}
    AllowedMimeTypes                                    : {image/jpeg, image/png, image/gif, image/bmp}
    ForceSaveFileTypes                                  : {.vsmacros, .ps2xml, .ps1xml, .mshxml, .gadget, .psc2, .psc1, .as
                                                          px, .wsh, .wsf, .wsc, .vsw, .vst, .vss, .vbs, .vbe...}
    ForceSaveMimeTypes                                  : {Application/x-shockwave-flash, Application/octet-stream, Applica
                                                          tion/futuresplash, Application/x-director}
    BlockedFileTypes                                    : {.vsmacros, .msh2xml, .msh1xml, .ps2xml, .ps1xml, .mshxml, .gadge
                                                          t, .mhtml, .psc2, .psc1, .msh2, .msh1, .aspx, .xml, .wsh, .wsf...
                                                          }
    BlockedMimeTypes                                    : {application/x-javascript, application/javascript, application/ms
                                                          access, x-internet-signup, text/javascript, application/xml, appl
                                                          ication/prg, application/hta, text/scriplet, text/xml}
    RemoteDocumentsAllowedServers                       : {}
    RemoteDocumentsBlockedServers                       : {}
    RemoteDocumentsInternalDomainSuffixList             : {}
    FolderPathname                                      :
    Url                                                 : {}
    LogonFormat                                         : FullDomain
    ClientAuthCleanupLevel                              : High
    FilterWebBeaconsAndHtmlForms                        : UserFilterChoice
    NotificationInterval                                : 120
    DefaultTheme                                        :
    UserContextTimeout                                  : 60
    ExchwebProxyDestination                             :
    VirtualDirectoryType                                :
    OwaVersion                                          : Exchange2010
    ServerName                                          : 501C-COOLIDGE
    InstantMessagingCertificateThumbprint               :
    InstantMessagingServerName                          :
    RedirectToOptimalOWAServer                          : True
    DefaultClientLanguage                               : 0
    LogonAndErrorLanguage                               : 0
    UseGB18030                                          : False
    UseISO885915                                        : False
    OutboundCharset                                     : AutoDetect
    GlobalAddressListEnabled                            : True
    OrganizationEnabled                                 : True
    ExplicitLogonEnabled                                : True
    OWALightEnabled                                     : True
    DelegateAccessEnabled                               : True
    IRMEnabled                                          : True
    CalendarEnabled                                     : True
    ContactsEnabled                                     : True
    TasksEnabled                                        : True
    JournalEnabled                                      : True
    NotesEnabled                                        : True
    RemindersAndNotificationsEnabled                    : True
    PremiumClientEnabled                                : True
    SpellCheckerEnabled                                 : True
    SearchFoldersEnabled                                : True
    SignaturesEnabled                                   : True
    ThemeSelectionEnabled                               : True
    JunkEmailEnabled                                    : True
    UMIntegrationEnabled                                : True
    WSSAccessOnPublicComputersEnabled                   : True
    WSSAccessOnPrivateComputersEnabled                  : True
    ChangePasswordEnabled                               : True
    UNCAccessOnPublicComputersEnabled                   : True
    UNCAccessOnPrivateComputersEnabled                  : True
    ActiveSyncIntegrationEnabled                        : True
    AllAddressListsEnabled                              : True
    RulesEnabled                                        : True
    PublicFoldersEnabled                                : True
    SMimeEnabled                                        : True
    RecoverDeletedItemsEnabled                          : True
    InstantMessagingEnabled                             : True
    TextMessagingEnabled                                : True
    ForceSaveAttachmentFilteringEnabled                 : False
    SilverlightEnabled                                  : True
    CalendarPublishingEnabled                           : True
    InstantMessagingType                                : None
    Exchange2003Url                                     : https://webmail.domain.com/
    FailbackUrl                                         :
    LegacyRedirectType                                  : Silent
    Name                                                : owa (Default Web Site)
    InternalAuthenticationMethods                       : {Basic, Fba}
    MetabasePath                                        : IIS://501C-COOLIDGE.domain.com/W3SVC/1/ROOT/owa
    BasicAuthentication                                 : True
    WindowsAuthentication                               : False
    DigestAuthentication                                : False
    FormsAuthentication                                 : True
    LiveIdAuthentication                                : False
    DefaultDomain                                       :
    GzipLevel                                           : High
    WebSite                                             : Default Web Site
    DisplayName                                         : owa
    Path                                                : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa
    ExtendedProtectionTokenChecking                     : None
    ExtendedProtectionFlags                             : {}
    ExtendedProtectionSPNList                           : {}
    Server                                              : 501C-COOLIDGE
    InternalUrl                                         : https://501c-coolidge.domain.com/owa
    ExternalUrl                                         : https://mail.domain.com/owa
    ExternalAuthenticationMethods                       : {Fba}
    AdminDisplayName                                    :
    ExchangeVersion                                     : 0.10 (14.0.100.0)
    DistinguishedName                                   : CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=501C-COOLIDGE,C
                                                          N=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=A
                                                          dministrative Groups,CN=501 C Services,CN=Microsoft Exchange,CN=S
                                                          ervices,CN=Configuration,DC=501c,DC=com
    Identity                                            : 501C-COOLIDGE\owa (Default Web Site)
    Guid                                                : 6f9ce45a-11f7-4e42-92cf-59767726b355
    ObjectCategory                                      : domain.com/Configuration/Schema/ms-Exch-OWA-Virtual-Directory
    ObjectClass                                         : {top, msExchVirtualDirectory, msExchOWAVirtualDirectory}
    WhenChanged                                         : 11/5/2011 12:26:04 PM
    WhenCreated                                         : 10/18/2011 11:06:26 AM
    WhenChangedUTC                                      : 11/5/2011 7:26:04 PM
    WhenCreatedUTC                                      : 10/18/2011 6:06:26 PM
    OrganizationId                                      :
    OriginatingServer                                   : Jefferson1.domain.com
    IsValid                                             : True

     

     

    Monday, November 07, 2011 2:05 PM
  • Just to follow-up on the Exchange 2010 Standard/iPhone 4 error:  "Exchange Account - Unable to verify account information." 

    Could the problem be that I don't have a 3rd party trusted certificate like Verisign? Can the self signed certificate work on iPhone 4?

     

    When I perform the www.testexchangeconnectiviy.com the error relates to SSL Certificate.

    Certificate validation failed.


    Relfe
    Monday, November 07, 2011 3:32 PM
  • This could be one of the reasons why iPhone is kicking you off all the time however. I would recommend try turning off your redirection of OWA page for some time and check what happens.

    I was looking at Exchange2003Uri value in the OWA vdir configuration and that seem to be okay as far as your mailboxes are on Exchange 2010 already. You might also want to trust the internal CA certificate on your iPhone store. Keep us posted about how it goes.


    Milind Naphade | MCTS:M (Exchange 2007 and 2010) | http://www.msexchangegeek.com RSS Feed
    Monday, November 07, 2011 4:41 PM
  • Hi,
    Here is my suggestions to you.

    Configure the right Exchange2003Url on the owavirtualdirectory
    Set-owavirtualdirectory owa* -Exchange2003Url https://webmail.501c.com/exchange

    Change the IP Address for autodiscover.501c.com so that it has the same one as mail.501c.com. Today it has the same IP as webmail.

    FBA Authentication doesn't seem to be configured on Exchange 2003. Make sure it is!

    For ActiveSync to work, you need a trusted certificate. That is also true if you are using Outlook Anywhere.
    I wouldn't get a SAN Certificate from Verisign, cause I think they are overprized.
    You can get a UCC certificate from Godaddy for 216$ (3year) and the names you seem to need is

    Common Name: mail.501c.com

    SAN1: mail.501c.com
    SAN2: autodiscover.501c.com
    SAN3: webmail.501c.com
    SAN4: 501c-coolidge.501c.com


    DigiCert has a nice tool to create the Certificate request that I recommend you to use.
    DigiCert's Exchange 2010 CSR Tool
    https://www.digicert.com/easy-csr/exchange2010.htm

    And last but not least, remove the redirection you have configured in IIS on the Exchange 2010 Server


    Martina Miskovic - http://www.nic2012.com/
    Monday, November 07, 2011 5:05 PM
  • After performing the above steps indicated by Ms. Martina, problem still the same - Unable to verify account information on iPhone 4.


    This problem still exist on newly installed Exchange 2010 and coexistent with Windows 2003/Exchange 2003 server.  All is working fine except Active Sync for users on Exchange 2010 database.  Users on Exchange 2003 are working fine so as Active Sync on Exchange 2003.

     


    Relfe
    Tuesday, November 08, 2011 2:50 PM
  • Hi Relfe,
    As far as I can see, you still don't have a trusted certificate installed.

    Have you run ExBPA?
    http://testexchangeconnectivity.com/
    Martina Miskovic - http://www.nic2012.com/
    Tuesday, November 08, 2011 2:55 PM
  •  

    I solved the problem by resetting virtual directory in CAS and creating a brand new Activesync.


     Thank you for reply. 

    Relfe


    Relfe
    Tuesday, November 08, 2011 6:13 PM