Configure iPhone for use with Exchange Server

Posted: June 14, 2010 in Exchange Server, Small Business Server 2008
Tags: , , , ,

With more and more people using iPhones and iPads for email collection we are seeing more problems arising from misconfiguration.

Preparation

  • The first thing to be aware of is that for ActiveSync to work correctly you must be using Exchange 2003 SP2 or higher.
  • There should be a commercial SSL Certificate installed.  Whilst it will work without a commercial certificate, it can be fraught with problems and for the sake of $60 for a SAN/UCC Certificate is it really worth the hassle?  See http://www.exchangecertificates.com for cheap SSL Certificates that will work with Exchange.
  • If still using Exchange 2003 then a SAN/UCC certificate is not required.
  • You will need to ensure that you have port 443 forwarded from your router/firewall to the internal IP address of your Exchange Server.
  • NOTE: Whilst ActiveSync can be configured to work without SSL this is not recommended as port 80 is required to be forwarded from your router/firewall to the Exchange Server.  Also all usernames/passwords/data transmitted between the portable device and Exchange will be in clear text and not encrypted.

Configuration

To setup the Exchange Server account on the iPhone or iPad we need to first select the Settings option.

From settings select “Mail, Contacts, Calendars” as highlighted in red in the image below.

You will then be presented with the screen below.  From here select the Add Account option.

Once selected you will then see the screen below that will display all the options for setting up email accounts on your iPhone.  The one we want is Microsoft Exchange.

Once we have selected Microsoft Exchange you will be presented with the screen below that will ask you for some details regarding your account.

In this screen, you will need to enter your email address, username & password.  I normally enter the email address as the username thus negating the need for the domain name.

If you find this method does not work then you will need to enter the NETBIOS domain name associated with this Exchange Server.  You can find this by right clicking on the user using Active Directory Users and Computers and select properties.  Then under the Account tab the NETBIOS domain name will be listed.  If you enter the domain name on this screen then the username should also be the one that appears on the accounts tab.

Once you have entered the details press Next, at this point the iPhone will attempt to autodiscover your Exchange Server details.  If this fails then you will be presented with the screen below.  Please note it is not unusual for the first check to fail.

If you see the screen above then it might be a little confusing as it looks very similar to the previous screen.  What we have here is the option to enter the server information.  This is the same details that you would use for Outlook Web Access.  So if you use https://outgoing.gkvirtualdomain.co.uk/owa for OWA then the server information you would enter here would be outgoing.gkvirtualdomain.co.uk.

Once you have entered this press Next.

At this stage if you are using a self-signed certificate you will be presented with a certificate dialog box and you must select “Accept”.  If your account has been successfully configured you will see the screen below that will allow you to select what options to synchronise with Exchange.

Further Reading

There are known problems with administrative users when using ActiveSync and this has been covered in an article here by Alan Hardisty: http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/

Troubleshooting ActiveSync with Exchange 2003: http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/

Advertisements
Comments
  1. Nick says:

    You state in your article that “If still using Exchange 2003 then a SAN/UCC certificate is not required.”

    Are you impying that if you use Exchange 2007 or above then a SAN/UCC certificate is required?

    Thx.

    • demazter says:

      The SAN/UCC certificate requirement is a requirement for Exchange 2007 and newer. Itsnot an iPhone requirement.

      There are ways around the requirement for a SAN/UCC certificate but it’s not overly reliable and it’s not a default configuration which could make it difficult to support.

      Fir the sake of $60USD is it really worth the hassle? Visit http://www.exchangecertificates.com formore information on cost.

  2. […] Configure iPhone for use with Exchange Server « Demazter’s Blog […]

  3. Do I need to add a new certificate called autodiscover.domain.com? I’m only have the one I use for owa and rww called remote.domain.com

    • demazter says:

      No, it’s not necessary, you can just use the remote.domain.com.
      All it means is that the autodiscover won’t work and you will have to make the configuration manually.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s