On the device within any mail client, the user keeps getting prompted for password over and over. Although the correct password is keyed in, we see an error within a dialog box that states
"Password Incorrect" and when we send an email we get "An error occurred while delivering this message"
The Customer is leveraging the AirWatch Secure Email Gateway.
The images below display the exact screens on the device.
Within the SEG server, we observe some errors in the Web Listeners logs.
There could be range of reasons. Some are listed below.
- Exchange does not have required Authentication Enabled.
- SEG does not have required Authentication Enabled.
- Ensure that Basic Authentication is enabled on the Exchange Server for the Microsoft Server Active Sync Endpoint.
- Ensure that Anonymous Authentication is enabled for the Endpoints on the SEG.
There could be other reasons for this issue. To identify the cause for such a problem. The Weblistener logs on the SEG, the Failed Request Tracing logs on Exchange should provide information about the reasons why we are getting these errors.
In this current issue, the error code was 401 Unauthorized. Enabling and inspecting the Failed Request Trace logs on exchange revealed that access was denied. We were attempting to authenticate using credentials, hence checking the authentication settings on the MSA endpoint revealed that Basic Authentication was disabled.
The image below displays the screenshot of the Failed Request Trace.
The error shown here is HTTPStatus 401 with Substatus 2. That is a 401 2. Researching about a 401 2 in MSDN, IIS blogs revealed the information below.
Error message 401.2.: Unauthorized: Logon failed due to server configuration Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.
Enabling Basic Authentication on the MSA endpoint got things rolling.