Today is June 25, 2024, and I am writing this post after a week of troubleshooting the Outlook mobile application. To make a long story short, let’s get straight to the point. There was an Exchange Server 2019 with Exchange Online Hybrid.
- Latest CU
- Full Hybrid
- No HCW errors
- Azure Application Proxy for Publishing Exchange
One month ago, Exchange Server 2019 replaced Exchange Server 2016. The migration was done because the company still wants to keep some mailboxes on-premise.
When the migration was finished, some mailboxes could not connect to Exchange On-Premise with the Outlook mobile application. (for iOS and Android)
The error was – Unable to login.
At the same time, it is worth noting that all other Active Sync Applications worked well for these accounts, and before migration, this account also worked with Outlook Mobile.
My troubleshooting logic was the following.
- Make sure that problematic accounts can’t connect from any device.
- Make sure that normal accounts can connect from problematic end-user devices.
- Check if problematic accounts have no admin permissions and blocked permissions inheritance.
- Compare mailbox settings for problematic accounts and normal accounts. (CAS Settings, AD DS attributes)
- Eliminate the potential effect of conditional access policies. (excluded problematic accounts from everywhere)
- Eliminate the possibility of mailboxes having physical breakage. (Moved mailboxes between databases, reconnected mailboxes between users)
- Remove all old mobile devices from user mailbox settings to avoid the number of device limitations.
- Change the password for problematic accounts and read Holly’s Bible.
Nothing has been successful 🙁
IIS Log analysis showed that a client (to be accurate, Outlook Mobile App Service) comes once, and no errors appear, but the communication does not resume.
2024-06-24 17:48:18 192.168.24.227 OPTIONS /Microsoft-Server-ActiveSync/default.eas Cmd=Options&User=adm_irud%40domain.com&DeviceId=OPCC29BE299DCC49E0D38C2C2E62EEF6&DeviceType=Outlook&CorrelationID=<empty>;&cafeReqId=f9841430-9592-4734-a9d1-85711ebb9b20; 443 adm_irud@domain.com 192.168.24.227 Outlook-iOS-Android/1.0 – 200 0 0 78
Outlook Mobile does not connect directly to your email server. Instead, it uses a service architecture where the app communicates with Microsoft Cloud services, which connect to your email server.
Using Outlook Mobile, your email data is routed through Microsoft’s cloud services. This means the app connects to the Microsoft cloud rather than directly to your on-premises email server (like Exchange) or cloud-based email service.
It is a long story that you can read here
Guys from Microsoft confirmed that there is an Outlook Mobile Cache Issue:
But how long should we wait before they fix it? If they fix it.
So, in my case, we found a workaround!
We changed the user principal name of problematic users, and it helped. Even adding any symbol to a username fixes the issue. But if you reverse it, it stops working again.
I hope this story saves some time, somebody.
Mit Freundlichen grüßen
Ilia Rud