07-25-2014 02:55 PM
I am currently trying to setup an Exchange/Outlook email account for an employee at my work who just got a new Q10. The employee has an enterprise plan with AT&T and our company uses a BES server to forward Exchange email to all of our BBs. This is my first go around with a Q10 as before this we had been using nothing but Bolds.
The network admin created an account for the employee on the BES server and I went through the very easy setup process. I enter an activation code my admin gave me, the phone verified and went through all the setup prompts for the email account. At the end it asked to enter in an email password as the last step in setting the account up. I used the employees network password that they would use to login to a Windows AD network environment.
After entering in the network password it seems to have successfully created the account but with one problem...I get no emails coming into the phone. I've tried changing the password but it only accepts the network login password (which makes sense).
Our BES server is located out at a branch of our division on the West Coast while our location is on the East Coast. When we tried adding an employee out on the West Coast's email it worked perfectly fine. But out here, we can't get any email forwarded to our employee who does need this capability. We checked our firewall for any block RPC traffic and saw none.
Can anyone help? :-)
Solved! Go to Solution.
07-27-2014 06:06 PM
Ask your BESADMIN to check if the email profile has been assigned to your account ?
Also just in case...do the east and west coast use the same Exchange server?
07-28-2014 07:30 AM
I'm rockin the BlackBerry Passport, Z30, Z10, Q10, BlackBerry Mini Stereo Speaker, 64 gig PlayBook, BlackBerry Wireless Headset HS-700
07-28-2014 09:46 AM
Q10 will not work on BES 5, you need to install BES 10 or use active sync only
BESAdmin's, please make a signature with your BES environment info.
BES 12 and BES 5.0.4 with Exchange 2010 and SQL 2012 Hyper V
07-28-2014 09:55 AM
07-29-2014 11:20 AM
OK, I think I may have found the possible problem. I decided to check my Exchange server Event Viewer App log and found this:
Exchange ActiveSync doesn't have sufficient permissions to create the "CN=Guenard\, John,OU=Staff,OU=Users,OU=PA-Site,DC=edd,DC=l-3com
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchActiveSyncDevices" and doesn't have any deny permissions that block such operations.
I googled the error and found this article.
I attempted to run the resolution that it suggested but I am still getting the error. It seems to occur once exactly every hour. Has anyone ever run into this before?
07-30-2014 02:46 AM
Did you try this resolution ? Is this the only user affected?
To work around this issue, assign the Exchange Servers group the right to change permissions against msExchActiveSyncDevices objects. To do this, follow these steps:
Start Active Directory Users and Computers.
Click View, and then click to enable Advanced Features.
Right-click the object where you want to change the Exchange Server permissions, and then click Properties.
Note You can change permissions against a user, an organizational unit, or a domain.
On the Security tab, click Advanced.
Click Add, type Exchange Servers, and then click OK.
In the Apply to box, click Descendant msExchActiveSyncDevices objects.
Under Permissions, click to enable Modify Permissions.
Click OK three times.
07-30-2014 07:18 AM