Fix Exchange Online Blocking Outlook Mobile

Microsoft rolled out a virtual account change to Exchange Online that broke Outlook on mobile and Mac for thousands of users. They pulled it back, but some mailboxes are still affected.

In late March 2026, Microsoft pushed a "virtual account" infrastructure change to Exchange Online. The update was supposed to improve mailbox security, but it started blocking legitimate access from Outlook for iOS, Android, and Mac. Users got authentication errors or simply couldn't load their inbox.

Microsoft tracked this as incident EX1256020 and retracted the change after widespread reports. Most mailboxes recovered automatically, but some are still stuck.

Check If You're Affected

If Outlook mobile or Mac suddenly can't connect while Outlook desktop and OWA work fine, this is likely the issue.

Verify the mailbox is accessible via Exchange Online PowerShell:

Connect-ExchangeOnline
Get-Mailbox -Identity user@yourdomain.com | Select-Object DisplayName, IsMailboxEnabled, RecipientTypeDetails

If the mailbox shows enabled but mobile clients can't connect, check for active blocks:

Get-CASMailbox -Identity user@yourdomain.com |
    Select-Object ActiveSyncEnabled, OWAforDevicesEnabled, PopEnabled, ImapEnabled

Both ActiveSyncEnabled and OWAforDevicesEnabled should be True.

Fix 1: Re-enable Mobile Access

If either value is False:

Set-CASMailbox -Identity user@yourdomain.com -ActiveSyncEnabled $true -OWAforDevicesEnabled $true

Fix 2: Clear the Mobile Device Partnership

Sometimes the device partnership itself gets corrupted during these backend changes:

# List mobile devices for the user
Get-MobileDevice -Mailbox user@yourdomain.com | Select-Object FriendlyName, DeviceType, FirstSyncTime

# Remove a specific device partnership to force a clean re-sync
Remove-MobileDevice -Identity "user@yourdomain.com\ExchangeActiveSyncDevices\..."

After removing the partnership, the user needs to re-add their account in Outlook mobile. All mail will re-sync from the server.

Fix 3: Wait for Microsoft's Rollback

Microsoft retracted the virtual account change. For most tenants, mailboxes should recover within 24-48 hours without intervention. Check the Microsoft 365 Service Health dashboard for EX1256020 status:

Go to admin.microsoft.com
Navigate to Health > Service health
Search for EX1256020

Verify

After applying fixes, confirm mobile access is working:

Get-CASMailbox -Identity user@yourdomain.com |
    Format-List ActiveSyncEnabled, OWAforDevicesEnabled, EwsEnabled

All three should show True. Have the user close and reopen Outlook mobile to force a fresh connection.

Fix Entra AADSTS50053 Account Locked - Resolve Entra ID smart lockout blocking legitimate logins
Fix Teams Error CAA20003 - Clear cached credentials when Teams can't sign in
Fix Exchange Database Mount Error - Troubleshoot on-prem Exchange mount failures

Microsoft 365 giving your team headaches? Contact Rain City Techworks.

Check If You're Affected

Fix 1: Re-enable Mobile Access

Fix 2: Clear the Mobile Device Partnership

Fix 3: Wait for Microsoft's Rollback

Verify

Related Posts