Exchange 2016 HMA - Unable to sign into outlook for iOS/Android

Michael Herman 0 Reputation points
2024-04-24T15:50:34.6666667+00:00

Hi,

My organization is using Exchange Server 2016 CU23 Apr24HU. We have established a hybrid configuration with our GCC tenant. Recently we are no longer able to log on-premises users into the Outlook mobile application. They authenticate successfully and then are prompted saying no mailbox was found for this user in the gov community cloud, would you like to add as an Exchange account?

If I click add as Exchange account, I am then prompted to sign in using basic authentication. I have tried with multiple accounts and multiple different devices, both iOS and Android. Our Exchange server is updated to the latest available version. I have verified all necessary ports have been opened.

Outlook mobile previously worked with HMA. I have approximately 25 users who have successfully used HMA to sign into the on-prem Exchange mailbox with Outlook mobile. These 25 users who previously set up Outlook mobile are still able to authenticate and connect to their mailbox. New users who have not previously set up Outlook mobile are unable to add their mailbox due to the error previously provided.

HMA is functioning as intended for desktop client users, only mobile users seem to be affected at this time.

Thanks for any help you can send my way! This has been an issue for about 2 months. The only change I can think of in my environment is related to Exchange Extended Protection.


1 answer

  1. Noah Ma-MSFT 610 Reputation points Microsoft Vendor
    2024-04-25T09:02:08.68+00:00

    Hi @Michael Herman,

    According to your description, I suggest you check whether the user's email address/SMTP and login address/UPN match. Based on my experience, if the two do not match, it will cause login problems:

    1. Check email address/SMTP:
       - In the EAC, navigate to Mailbox under Recipient Configuration.
       - Find and select the corresponding user mailbox, select "edit".
       - In the "Email Address" tab, you can see a list of all the user's email addresses, including the primary SMTP address, which is usually shown in bold and preceded by the "SMTP:" prefix.
    2. Check the user login address/UPN:
       - In Active Directory Users and Computers (ADUC), find the corresponding user account, right-click and select "Properties".
       - In the "Account" tab, you can see the user's login name and domain, which is the user's UPN. A UPN is usually in a format like an email address, such as "user@domain.com".


    If you have any questions, please feel free to contact me.
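
The UPN versus primary SMTP comparison suggested in the answer above can be run over every mailbox at once instead of one user at a time in the EAC and ADUC. The PowerShell below is an added example, not part of the original answer: the function name `Find-UpnSmtpMismatch` and the `contoso.example` sample accounts are constructed for illustration, while `Get-Mailbox` and its `UserPrincipalName` and `PrimarySmtpAddress` properties are the standard Exchange Management Shell ones.

```powershell
# Added example: report mailboxes whose login name (UPN) differs from the
# primary SMTP address. Find-UpnSmtpMismatch is a hypothetical helper name.
function Find-UpnSmtpMismatch {
    [CmdletBinding()]
    param(
        # Any object exposing Name, UserPrincipalName and PrimarySmtpAddress,
        # e.g. the output of Get-Mailbox.
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Mailbox
    )
    process {
        # Cast to string so this works with live SmtpAddress objects and with
        # the plain strings returned over remote PowerShell.
        $upn  = ([string]$Mailbox.UserPrincipalName).Trim()
        $smtp = ([string]$Mailbox.PrimarySmtpAddress).Trim()

        # Both values are case-insensitive, so compare with -ine.
        if ($upn -ine $smtp) {
            $upnDomain  = ($upn  -split '@')[-1]
            $smtpDomain = ($smtp -split '@')[-1]
            [pscustomobject]@{
                Name               = $Mailbox.Name
                UserPrincipalName  = $upn
                PrimarySmtpAddress = $smtp
                # Tells you whether the suffix or the part before @ differs.
                Difference         = if ($upnDomain -ine $smtpDomain) { 'Domain' } else { 'LocalPart' }
            }
        }
    }
}

# Constructed sample accounts, so the function can be tried without a server.
$sample = @(
    [pscustomobject]@{ Name = 'User A'; UserPrincipalName = 'usera@contoso.example'; PrimarySmtpAddress = 'UserA@contoso.example' }
    [pscustomobject]@{ Name = 'User B'; UserPrincipalName = 'userb@corp.local';      PrimarySmtpAddress = 'userb@contoso.example' }
    [pscustomobject]@{ Name = 'User C'; UserPrincipalName = 'jdoe@contoso.example';  PrimarySmtpAddress = 'john.doe@contoso.example' }
)
$sample | Find-UpnSmtpMismatch | Format-Table -AutoSize

# Against the on-premises organization, from the Exchange Management Shell:
# Get-Mailbox -ResultSize Unlimited | Find-UpnSmtpMismatch |
#     Export-Csv .\upn-smtp-mismatch.csv -NoTypeInformation
```

With the sample data, User A is not reported (the values differ only in case), User B is reported with a `Domain` difference and User C with a `LocalPart` difference.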