I came across this issue recently, where we migrated from a hosted Exchange 2010 server to an on-site Exchange 2013 server and Autodiscover would not fill out the server information on ActiveSync devices.
Setup is as follows:
- Single Exchange 2013 combined CAS/Mailbox/Front/Backend server
- Standard SonicWALL with normal NAT configured to the Exchange via it’s own dedicated IP
- UCC certificate for the domain *.comtoso.com
- Autodiscover SRV and A records pointed to the mail WAN IP of the SonicWALL
- All MX and Mail records pointed at same WAN IP
Setting up Outlook Anywhere seemed to work fine internally and externally. Going to www.testexchangeconnectivity.com and running the autodiscover testalso worked fine. It was green all the way to the bottom. On iOS and Android devices, you would put in the email address and password only to be prompted for the server name and additional credentials.
Most of the time, this can be attributed to inherited permissions (ADUC > User > Security > Advanced > Check Inherited Permissions), but in this case the users had the correct ones and were not any type of administrator. It came down to the default domain listed in the authentication type. Normally, you use Basic Authentication in IIS under ActiveSync and Autodiscover with SSL. If you go into IIS and edit the properties for Basic Authentication under ActiveSync and Autodiscover, you will find a field for default domain. Fill that out with “contoso” for contoso.com and save. Do an iisreset and try to add an ActiveSync device again. Remember to do this to the Default Web Site not the back end.