SBS 2011 - Exchange 2010 Server und Windows 10 Mail App verbindet sich nicht

[Dirk-HH-83 14]

Hallo, 

 

Problem: SBS 2011 - Exchange 2010 Server und Windows 10 Mail App verbindet sich nicht mit u.g. Fehlermeldung:

 

Die EAS Richtlinien sind eigentlich auf DEFAULT.

Mit EM Client über Active Sync funktioniert es.

 

Falls dazu eine Idee besteht, danke für eine Info.

 

Gruß Dirk

 

https://support.office.com/en-us/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca?ui=en-US&rs=en-US&ad=US

 

 

 

This device doesn’t meet the security requirements set by your email administrator

If you see this message, see the possible causes below, then follow the instructions to resolve the issue and try syncing again.

For Mail or Calendar apps on your computer Your computer must be compliant with security requirements set by your email administrator

Check with your administrator about the policies that apply to your mailbox. Most of the policies can be automatically applied by Mail and Calendar apps, but there are certain cases where you need to take actions first, such as the items below:

• Make sure your user account has Administrator rights on the computer.

• Set strong passwords for all the Administrator accounts on the computer.

• Make sure all users on the computer can change their password.

• Disable guest accounts.

• Encrypt all partitions on the computer with encryption software.

Reboot your computer and try syncing after making these changes.

Password length and complexity supported by account types

Check with your email administrator to know the password policy values for your mailbox. Different account types have different levels of support for password length and complexity policies.

• MinDevicePasswordLength policy defines the minimum length of a password.

• MinDevicePasswordComplexCharacters policy defines the number of minimum character types that should be present in an account password to meet the security requirements. The character types are defined as:

  • Lower-case alphabetical

  • Upper-case alphabetical

  • Numbers

  • Non-alphanumeric

For example, if the value of MinDevicePasswordComplexCharacters is 2, a password with both upper case and lower case alphabetical characters would be sufficient, as would a password with lower case alphabetical characters and numbers.

Different account types have different levels of support for password length and complexity policies, as explained below.

Local accounts

Local accounts can support the full password length policy, but they can only support three character types, not the full four that Exchange Active Sync (EAS) protocol can specify. If an EAS policy is set to require four character types, all local accounts will become non-compliant. This is because the Windows operating system does not explicitly support choosing the number of complex characters in a password. Rather, it requires that passwords meet a certain complexity level. This complexity translates to three character types, therefore, an EAS policy that requires MinDevicePasswordComplexCharacters greater than 3 cannot be supported by Windows accounts.

Microsoft accounts

Your Microsoft account, (formerly known as Windows Live ID) is what you use with Microsoft devices and services. Microsoft accounts enforce a minimum password length of 8 characters and 2 character types in a password. Therefore, Microsoft accounts can comply if the MinDevicePasswordLength policy is set at less than or equal to 8 characters, and the MinDevicePasswordComplexCharacters policy is set at less than or equal to 2.

Non-compliance errors result if EAS policies are stricter than those that Microsoft accounts can enforce. To sync emails in this scenario, go to accounts settings and disconnect all your Microsoft accounts.

Domain accounts and Azure Active Directory Accounts

Domain accounts and Azure Active Directory Accounts are not evaluated locally for password policies that are set by EAS, because it's assumed that the EAS policies and the domain account policies belong to the same account authority. These policies include complexity, length, expiration, and history settings.

For Outlook Mail or Outlook Calendar apps on your mobile device

Your device must be compliant with security requirements set by your email administrator

Check with your administrator to see which policies apply to your mailbox. Most of the policies can be automatically applied by Mail and Calendar apps, but there are certain cases where you need to take action. For example, make sure to:

• Encrypt all partitions on your mobile device with encryption software.

• Reboot your device and try syncing after making that change.

Applies To: Outlook Mail for Windows 10, Outlook for Windows Phone 10, Outlook Calendar for Windows 10

 

[testperson 1.534]

Hi,

 

Autodiscover und Zertifikate passt? Exchange und SBS sind aktuell gepatched?

 

Gruß

Jan

[Sunny61 773]

Hier noch ein Link, der zeigt wie man die Build auslesen kann: http://blog-schulenburg.de/index.php/kategorie-als-blog/87-exchange-build-nummern