Question

Q: Connect WP8 via Exchange Active Sync does not work

I would like to connect a WP8 HTC 8X to our corporate environment, but we are not successful!!!

We connect via EAS with the policy that the device should have a strong password and device encryption. In Exchange 2010 we have switched off the option: "allow any unprovisional devices". From security we want to control that devices who connect comply with our secpol.

WP8 does not connect and we get a generic error 86000C29 and nothing in the log files.

 

We don't want to deploy certificates first as this would require an MDM solution. EAS should be the easy way to deploy BYOD devices.

 

Bart



* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

Hi UnDutchable,

 

Thank you for posting on the forum.

 

We are currently investigating your issue. Thank you for your patience and understanding, and we will post back when we have some news.

 

Kind Regards,
Sheena M.

Did this solve your problem?

Sorry this didn't help.


I too have this problem with WP7 (& now WP8) at my work organization. My wife's WP7 has worked on her organization's Exchange (2010) for 2 years from the get go. However, the encryption level required by my organization has prevented my WP7 from working with my work email, etc.

 

I really really thought MS would fix this with WP8. Until they do, they are alienating thousands of potential customers. I know of 3 colleagues already who have been turned off of WP because of this reason. To put it in perspective, our organization is >20,000 employees.


This needs to be resolved ASAP if MS really is sincere about going after the enterprise market with mobile. It seems they have thought about it when it comes to W8 and tablets, but they are ignoring the most compelling part of the mobile picture: SMARTPHONES.

 

Did this solve your problem?

Sorry this didn't help.


WP8 supports strong password and device encryption.

Please correct me if I'm wrong, but from my understanding, a non-provisional device is a device that can't enforce some EAS settings. If that's the case, wouldn't all EAS clients be non-provisional since no one OS can enforce all of EAS's policies?

 

I'm trying to find more documentation on this and more about WP8+EAS, but having some difficulty.

"No matter where you are, everyone is connected"

Did this solve your problem?

Sorry this didn't help.


An unprovisional device is at least a device who does not accept the settings of EAS, or does accept it, but does comply to it. So if EAS enforces 8 characters password and the device just accepts a 4 digit pincode as well to unlock the device.

 

But at least good news, we have found the real bug in Windows Phone 8!!!

 

The bug in WP8 OS which results in failing ActiveSync activation is the setting of a policy: " keep emails on the device for n days" If this policy is set to a different value but "umlimited" no EAS connection is possible.

 

We have set this policy to 30 days which did block the EAS activation. For now we have set the policy to unlimited and we can connect via EAS.

 

Microsoft Germany has confirmed this is a bug.

Did this solve your problem?

Sorry this didn't help.


An unprovisional device is at least a device who does not accept the settings of EAS, or does accept it, but does comply to it. So if EAS enforces 8 characters password and the device just accepts a 4 digit pincode as well to unlock the device.

 

But at least good news, we have found the real bug in Windows Phone 8!!!

 

The bug in WP8 OS which results in failing ActiveSync activation is the setting of a policy: " keep emails on the device for n days" If this policy is set to a different value but "umlimited" no EAS connection is possible.

 

We have set this policy to 30 days which did block the EAS activation. For now we have set the policy to unlimited and we can connect via EAS.

 

Microsoft Germany has confirmed this is a bug.

Which policy are you referring to? I don't see any option to "keep emails on the device for n days" in the EAS policy in the EMC.

Did this solve your problem?

Sorry this didn't help.


all i know is that my WP7 or WP8 device will not connect to our organizations EAS which requires device encryption. My wife's organization also runs Exchange 2010 and does NOT require encryption. Hers works great. My WP7 & 8 have consistently not. Our IT could only get it to work by selecting the allow it as a non provisional device which cannot be allowed long term per policy.

 

If WP8 supports device encryption and strong password protection then I'd love to get to the bottom of this and start using my 920. Otherwise it might have to go back. I am not IT by profession. Just an end user trying to get to the bottom of this. A lot of IT always blame it on the device after fiddling with it for a couple of hours.  but I'm not so sure and I'm the one who would like to use my WP7/8 MS device on our MS Exchange.  Just doesn't make sense.

Did this solve your problem?

Sorry this didn't help.


I found that the policy option "Require encryption on storage card" was the one causing this error on my HTC 8X.  If I remove that option but leave all other options enabled including "Require encryption on device" it syncs fine.  This is on the EAS policies BTW, Im going to try to file it as a bug report with my MS rep.
peter

Did this solve your problem?

Sorry this didn't help.


I found that the policy option "Require encryption on storage card" was the one causing this error on my HTC 8X.  If I remove that option but leave all other options enabled including "Require encryption on device" it syncs fine.  This is on the EAS policies BTW, Im going to try to file it as a bug report with my MS rep.


Our IT tried this as well but it did not help. They wondered whether it was an issue where early WP7 had SD slots a d ma h later ones did not.

I believe they built the EAS from the ground up for my 920 to no luck in getting it to work unless the allow non provisional device option was checked.

Did this solve your problem?

Sorry this didn't help.


I really, really hope that the 920 replies that it does support encryption on the storage card - because it doesn't have one - because the chances of getting the corporate beast I am looking to sync with to change it's requirement on that policy are effectively zero.

Did this solve your problem?

Sorry this didn't help.


I wouldn't count on it.  I heard back from my MS tech specialist and apparently this is a bug and the product team is working on it.

I however am an admin for a corporate beast and prefer to give my users a choice so Ill be pushing to have an option to allow devices without an SD card the ability to sync with a custom policy.  We have seen growing demand for WP in our environment and don't like to say no to our users when it doesn't really make sense.  
peter

Did this solve your problem?

Sorry this didn't help.


* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

 
Question Info

Views: 6,675 Last updated: February 24, 2018 Applies to: