I decided this morning to test the Exchange ActiveSync connection on my HTC Hero. I went through the account settings and authenticated with the server successfully, specified the data I wanted to sync, and then, when it came to finalizing the settings, it failed with the following error:
Failed to create the account. Please try again later. "
Great. Well, it definitely authenticated fine, so what's the problem? A little further digging and I discovered that this was down to a security setting I use on my Exchange server which forces mobile ActiveSync users to specify a PIN number on their phone to add an additional layer of security on the phone. It seems the HTC Hero can not deal with sending back your encrypted password. So, if you use SSL with your web-facing Exchange server, you will not be able to connect without either turning off the mobile users password policy requirement, or, I assume, using a certified web certificate. Either turning off SSL or turning off the password policy is a particularly good idea, and I daresay if you ask your IT department to do it they'll laugh you out of their office (I know I would), so the best option would be to ask your IT admins to arrange for a web certificate. In the interests of covering all the options for this guide though, I'll detail the method of excluding specific users from the password policy-
* Open Exchange System Manager
* Expand Global Settings and then right click on Mobile Services and choose Properties
* Click the Device Security button
* The "Enforce password on device" tick box is the culprit here, but it's better to turn it off for one specific user rather than the whole domain, so push the Exceptions button
* Push Add and select the user you want added to the exception list
* Push OK three times to get back to Exchange System Manager and you're done
OK, now that's out of the way, the following guide details the method for setting up Exchange ActiveSync on Android. It's based on my HTC Hero, but it should be a similar process for other Android devices.
* Tap the Mail icon then tap "Microsoft Exchange ActiveSync"
* Enter your email address in the top field and your Active Directory password in the second field
* Tap "Manual Setup"
* Enter the full Exchange server gateway URL (or IP address) in the "Server address" field (eg: mail.yourdomain.com)
* Enter your Active Directory domain, you'll probably need to use the full domain name (eg: yourdomain.local). Your domain admin will be able to provide you with these details
* Enter your Active Directory username and password in the relevant boxes
* If your domain uses SSL (again, your domain admins will be able to tell you), make sure you tick the "This server requires an encrypted SSL connection"
* Click Next and the phone will say "Verifying account information …"
* If the connection succeeds, you'll be asked to specify what you would like to synchronize from Mail, Contacts, and Calendar. If it does not succeed, you'll probably have entered in some information incorrectly, go back and re-enter everything. If it still does not work, contact your IT department
* Hit Finish Setup and the phone should begin to sync your mail
Hopefully, the Exchange SSL issue will be fixed in future updates, but I would not hold your breath on that.