how to resolve IMAP connection problems between Exchange and the iPhone





My Exchange and iPhone setup

Here are the relevant details to my scenario in my test lab:

Exchange 2007 Server with POP3 and IMAP services configured
Client Access Server (CAS)
Mailbox Server
iPhone with many mailbox accounts configured for ActiveSync, POP3 and IMAP.
No certificates configured for my Client Access Server


OK. I know that no certificates on my, or for my, CAS is not best practice. But I understand the risks and this is my test lab.

If your scenario is similar to mine then I hope that this document is useful. To successfully work through this document, you will need to have administrative access to your Exchange Server. If you don't, then you may need to enlist the help of your friendly Exchange Administrator.







Troubleshooting an IMAP Account on the iPhone


You'll no doubt remember this familiar error message:



























The first step is to test whether the iPhone can actually connect to the server.

To do this, you'll need to start troubleshooting from the iPhone itself. We will test three areas, as follows:


1. Whether the iPhone can resolve your server name

2. Whether the iPhone can ping your server

3. Whether the iPhone can connect to the server


To do this, you'll need to download some apps to your iPhone.



You will test connectivity using the cellular network. Please turn off WiFi on the iPhone. You might later need to repeat these tests using WiFi if you want to test connectivity with WiFi enabled - useful if you are at home or at the office. You might need to test using only WiFi if you are working with an iPod Touch.




Whether the iPhone can resolve your server name

1. On the iPhone, find the free app 'DNS Lookup' from Nettica and install it.

2. Run DNS Lookup (see picture below)
DNS Lookup will use the DNS servers that your iPhone is already configured up for.



























3. Enter a Server IP address, or a server name.
This will be the server you already have configured on the iPhone, the Host Name.


If the app is able to resolve your server to an IP address, then the iPhone has passed the first test.

But if the app can't resolve your server name then you should check the following to get the iPhone to pass this test:

a) Can the iPhone currently browse the internet?

b) Can DNS Lookup resolve a well known address - news.bbc.co.uk?

c) Is the server name or IP address correct?





Whether the iPhone can ping your server

This test may fail if your network (where your Exchange Server is) is set to ignore ping requests. It's worth performing this test for any information that may be gleaned and for completeness.


1. Find and install Ping Lite to the iPhone. See shot below.



























2. Click on the Ping button.

3. In the resultant screen, paste in the IP address you obtained from the previous test and click the 'Start' button.


Examine the output. If all four packets were received by the server then this is good; it further proves connectivity between your iPhone and the server. But if all packets fail, then this may simply be because your IT department has configured their routers not to respond to ping requests. We move on to the final test.





Whether the iPhone can connect to the server

You'll need a telnet client. A telnet client will allow us to test whether it is possible to connect directly to the Exchange Server from the iPhone.


1. On the iPhone, find the free MTelnet app and install it.

2. Run MTelnet on the iPhone (see image below)


























3. Click on the Menu button to configure a connection.


4. Click on one of the empty connections (see image below).


























5. You should see a window like below.



























6. Enter a Server IP address, or a server name.
This will be the server you already have configured on the iPhone, the Host Name.


7. Enter 143 as the Server Port.
This is the standard, non-secure port that IMAP communicates on. There is no need to enter a User, Password, or any other field.

8. Click Connect.


If you get an error at this stage then the iPhone actually can't reach your server.


Possible reason:
Port 143 is blocked by a firewall or router at the edge of the Exchange Server network.
You will need to verify this yourself if you are responsible for your own network, or by contacting someone responsible for the network. Most organisations will block ports, leaving open only those that are necessary. Those ports are then secured using some form of authentication. Port 110 is not normally a common port that is opened and you might need to negotiate.


But if you do connect at this stage, then you will see a message from the Exchange Server.
You will have proved that the iPhone can indeed connect to the server and that that generic message from the iPhone - The connection to the server "SERVER NAME" failed - is not quite true.




So, ignoring that error message as such, your next test is to try to log in to the server from your telnet connection on the iPhone.




Logon to the Exchange Server IMAP service


You'll need to remember the IMAP command I discussed earlier, the login command.

1. Follow the instructions above and connect to your Exchange IMAP server.
You should find yourself at something like the screen below.
























2. Tap the keyboard icon and type
blah login user_logon_name password and tap the return button.

So, if you logon to your computer as SLJACKSON then you know that you'd better type in:
blah login SLJACKSON password

If, when you tap return, your entry is accepted, then you can move onto Step 3 and try your password.



If on completion of these two steps you are able to login, then there would seem to be nothing wrong, and all is working between the iPhone and your Exchange Server.

Steps to try: Try to delete the Account on the iPhone and recreate it again, taking care with your user name and password.


But if you get an error and you can't login then this might indicate that the Exchange Server IMAP service is not set to accept passwords in clear text.

As mentioned before, not having any form of security or authentication for your login process is not 'best practice'. You would not want to perform this next step, or present this method in your production network if one of your key aims in life is job security. But for your own personal network, or a test lab, this may well be acceptable.


To set up Exchange Server 2007's IMAP Service to accept plain text, follow the following steps:

1. On the CAS, start the Exchange Management Shell
2. Type in Set-ImapSettings -LoginType PlainTextLogin
3. Restart the Exchange 2007 IMAP service


Repeat the login tests as shown above with Telnet on the iPhone.
You should find that you will not encounter that -ERR message again.

If you can now login successfully using Telnet Lite on the iPhone then you should find that your Mail Account will now work.


But if you still get an error, it is likely to be this one:

blah NO LOGIN failed

I believe that this telnet error is equivalent to Apple's error message below:




























As I might have mentioned before, I'm not sure why this error occurs. Somewhere, it would seem that the password is possibly cached somewhere. At a guess, it is cached on the iPhone and this cache perhaps gets corrupted, causing this error message.

One way that I've found always works to correct this is to reset the password on the server. Follow the steps below (don't worry, you are nearly there).

1. Logon to a domain controller, or the Exchange Server
2. Using ADUC, locate the affected user
3. Right click on the user's entry and choose to reset the password

You can reset the password to the same password as before (unless a policy prevents this).

You might have to wait for replication to occur, although password changes are usually very quick. Now try to access the mailbox using the Mail app on the iPhone.



If you are this far, then this last stage should work and all is well.

Your ability to connect to an IMAPService on an Exchange Server is restored and you'll be able to receive incoming messages from the server. Problems with sending messages (via SMTP) are outside the scope of this document.

But if this document hasn't quite solved your problem, then hopefully the troubleshooting steps that you have taken will bring you closer to finding your solution.


Copyright 2010 Cairos Computing Limited
Help Computing is a trading style of Cairos Computing Ltd.
Privacy Policy
Terms and Conditions
What are we
up to?
We'll write about the sorts of things we get up to. It'll be a slightly techy read, but we'll try our best to make it readable!

There'll soon be lots of top tips for the technically minded too.

Want to know more? Click the icon above..
Troubleshooting those error messages for IMAP is a similar process to POP3. But the commands are different and the port numbers are different and so I feel it would be clearer to have a separate page for IMAP.

IMAP is a more advanced version of POP3 and a key difference - at least as far as we are concerned - is in the login commands. Where POP3 used USER and PASS, IMAP uses the login command.

IMAP also uses a 'tag' that must prefix any command the client issues to the server. This tag can be any string you like. The IMAP service uses it as a way of keeping track of several connections to itself. When it responds to your command, that response is also prefixed with your tag.

So, I could type in

blah login sljackson password

Where blah is my tag. And if I got the password wrong then the service would reply with

blah NO LOGIN failed

The blah tag lets me know that its reply was in response to my command. Just so I know it was talking to me!


Related Links
Troubleshooting POP and Exchange and iPhone connectivity problems
Troubleshooting Exchange ActiveSync and iPhone problems
helpcomputing
If you and your computer are in or around London, we could help!