iOS-Gerät (iPhone und iPad)

Barrier-free

This page contains alternative texts for images/graphics.

There are two ways to set up your Exchange account on your iOS device (iPhone and iPad). You can do this via a profile which you can download as iOS_Ex-Profil.mobileconfig. The alternative is to set it up manually.


Setup with profile

Open the profile and confirm with install. If you have configured a code, you must enter it in the following step.

Window Install Profile, left clickable Cancel, right clickable Install. Icon Gear, Exchange, Leibniz Rechenzentrum. Signed by, Not signed. Contains, Exchange Account. Accounts, right tip bracket to the right. In red font, Remove Downloaded Profile.


Then confirm the installation of the profile again.

Dimmed window Warning, left marked clickable Cancel, right marked clickable Install. UNSIGNED PROFILE. The profile is not signed. Overlaid by the small window, Install Profil, Clickable Cancel, marked clickable Install.




Now enter your Email address, in the example this is "Max.Mustermann@lrz.de".

Window Enter Email, clickable Cancel on the left, clickable Next on the right. ENTER YOUR EMAIL ADDRESS FOR THE EXCHANGE SERVER LRZ-EXCHANGE. Input field Max.Mustermann At lrz.de, right X-symbol for delete. Required by the 'Exchange' profile.


As the user name, enter your account together with the domain "ads" in the following form: "ads\account". In the example of Max Mustermann, it is "ads\di69soz".


Window Enter Username, clickable Cancel on the left, clickable Next on the right. ENTER YOUR USERNAME FOR THE EXCHANGE SERVER 'LRZ-EXCHANGE'. Input Field, ads backslash di69soz, right X-symbol for delete. Required by the 'Exchange' profile.

In the next step, enter the password of your account.

Window Enter Password, clickable Cancel on the left, clickable Next on the right. ENTER YOUR PASSWORD FOR THE EXCHANGE SERVER 'LRZ-EXCHANGE'. Input Field, emtpy, right X-symbol for delete. Required by the 'Exchange' profile.



The profile was added in the settings under "General" and "VPN, DNS & Device Management". Here you can also delete the account if you no longer want to have your Exchange account on your iOS device.

Left part, settings. Many items with icon and naming, individual separations by light gray bars. Selected General. Right part, Profile, left of it lace bracket to the left, back. Symbol gear, Exchange, Leibniz Rechenzentrum. Signed by, Not Signed. Contains, Exchange Account. Accounts, right point bracket to the right. In red font Clickable, Remove Profile.



Manual setup

Open the settings and select "Mail". For the Exchange account, select "Accounts" and "Add Account" and then "Exchange".

If this is the first account you are setting up, you can also do this from the Mail app.


Enter your Email, your Password and an (arbitrary) Description. Then select "Next".


Enter "xmail.mwn.de" as the server and your account and the domain "ads" as the user name. In the example of Max Mustermann it looks like this:


Once the settings for your account have been verified, the next step is to select whether you want to have only your emails on your device or also use the calendar and contacts. In the example, everything was selected.

Window Exchange, Cancel clickable on the left, Save clickable on the right. 5 items with icon, naming and on the right a slide switch turned on. Mail, Contacts, Calendars, Reminders, Notes.



Shared mailboxes

If you are using iOS 14 or 15, it is unfortunately not possible to include a shared mailbox on an iOS device. With iOS 16 it is again possible to include a shared mailbox.

Shared mailboxes cannot be included like an Exchange account. You have to include them as an IMAP account. 
It is also not possible to include the calendar of a shared mailbox on mobile devices.

Including a shared mailbox

Open the settings and select first "Mail" and then "Accounts". 

When you tap on "Add Account" you will get a selection of options on how to include your account. There you have to tap on "Other". You can add the mailbox via "Add Mail Account". 


Enter the information in the fields. For Email, enter the address of the shared mailbox. Be sure to use your own password and not the password of the shared mailbox.

Window New Account, left clickable Cancel, right clickable Next. Name, input field Musterteam. Email, input field musterteam At lrz.de. Password, input field empty. Description, input field Musterteam Shared Mailbox.



Incoming Mail Server:

Enter "xmail.mwn.de" for Hostname.

It is important to specify the user name in the following form:

ads\<your account>\<account of the shared mailbox>

Example: Your account is di69soz and the shared mailbox account is di69kim. The correct username is then ads\di69soz\di69kim.

Here you have to enter your own password again, if it is not already entered. In the example it is the password of di69soz.

Outgoing Mails Server:

For Host Name, enter "postout.lrz.de".

For the user name enter your own account, without the shared mailbox identifier or the preceding "ads\", and again your own password.

Window New Account, left clickable Cancel, right clickable Next. 2 alternatively selectable fields, selected IMAP, POP. Name, input field Musterteam. Email, input field musterteam At lrz.de. Description, input field Musterteam Shared Mailbox. INCOMING MAIL SERVER. Host Name, input field xmail.mwn.de. Username, input field ads backslash di69soz backslash di69kim. Password, input field emtpy. OUTGOING MAIL SERVER. Host Name, input field postout.lrz.de. Username, input field di69soz. Password, input field empty.





Encrypt and sign

In order to send messages signed or encrypted with S/MIME, you need a personal user certificate.

As a member of TUM, you can find information on how to apply for a certificate at https://www.it.tum.de/en/it/certificates/. If you have any difficulties in doing so, please contact the IT support of TUM (it-support@tum.de).

For the other institutions of the MWN, we are currently not aware of any way to obtain a personal user certificate.

Please pay attention to the correct format when downloading your certificate. Unfortunately, some operating systems (e.g. Windows, MacOS) only support TripleDES-SHA1.

For further information, please visit https://doku.tid.dfn.de/de:dfnpki:tcs:usercert#auswahl_des_key_protection_algorithms_in_formularen_fuer_p12-dateien.

Please note that the encryption method with S/MIME described here is not compatible with the PGP method which is especially widespread under Unix/Linux. PGP is not supported by Outlook and Outlook on the Web.

Briefly, the essential properties of signed and encrypted e-mails:

  • Signing an message ensures that it cannot be manipulated unnoticed on its way from the sender to the recipient. Whether the message is transmitted in encrypted form depends on whether the mail systems involved support transport encryption.
  • By encrypting an message, the content is already encrypted before it is sent and is therefore transmitted in encrypted form (and also stored in the mailbox in encrypted form) regardless of the properties of the mail systems involved. When working with encryption, it is essential to keep your own certificate (especially the private key) in a loss-proof manner, as otherwise encrypted messages can no longer be read - neither those you have encrypted yourself nor those you have received.

General preparations


Before you can sign or encrypt messages, you must import your user certificate to your device.

If you want to send digitally signed or encrypted messages from multiple devices, you must import the certificate on each of them. This also applies if you want to read encrypted messages on multiple devices.

Transfer your certificate to your iOS device, for example, via Email. Open the message and tap the attachment, then the following message opens: 


Smaller sign Inbox, right arrowhead up, arrowhead down. Symbol E in circle, Exchange-Admin, below To colon Max Mustermann, greater sign. Certificate. Framed field , symbol sheet of paper, PN_-_Max...-11-02.p12, 9 KB. Smaller Window in the middle. Profile Downloaded. Review the profile in the Settings app if you want to install it. Button Close.

Then install the certificate. To do this, open the Settings, as already described in the notification, and tap on "Profile Downloaded".

Settings. Marked Profile Downloaded, right greater-than symbol. 5 dots, each preceded by a symbol. Airplane Mode, right Switch off. WLAN. Bluetooth, right On. Mobile Data, Off. VPN, Not Connected.

Then tap Install and enter your password for the certificate. Then confirm twice more that you want to install the unsigned profile.


Window Install Profile, left clickable Cancel, right marked and clickable Install. Symbol clock gear, Identity Certificate Signed by, Not Signed. Contains, Certificate. More Details, right Larger sign. In red Font, Remove Downloaded Profile.



Window Profile Installed, right highlighted and clickable Done. Symbol clock gear, Identity Certificate. Signed by, Not Signed. Contains, Certificate. More Details, right Larger sign.






When you have successfully installed the profile, it will appear in the list of your profiles.

Now switch to "Mail" in the Settings and select "Accounts".
Then select your Exchange mailbox for which you have the certificate you just installed.

Left part, Settings. Many items with icon and naming. Selected Mail. Right part, Accounts, clickable on the left Smaller sign Mail. ACCOUNTS. iCloud. iCloud Drive, Stocks, right point bracket to the right. Selected Exchange. Mail, Calendars, Reminders, Notes, right point bracket to the right. Musterteam Shared Mailbox. Mail, right point bracket to the right. Add Account, right point bracket to the right. Fetch New Data, right Push point bracket to the right.

Now tap on your email address to open the mailbox settings.

Window Exchange, clickable on the left Smaller sign Accounts. Light gray bar with the text EXCHANGE. Marked line Account, right Max.Mustermann At lrz.de Larger character. 5 items with icon, naming and on the right a slide switch turned on. Mail, Contacts, Calendars, Reminders, Notes. Mail Days to Sync, right 1 Month, Larger sign. Auto reply, right Off Larger sign.

Then select "Advanced settings".

Window Account, left clickable Cancel, right clickable Done. Email, input field Max.Mustermann At lrz.de. Server, input field xmail.mwn.de. Domain, input field ads. Username, di69soz input field. Password, empty input field. Description, input field Exchange. Marked line Advanced Settings, right greater than sign.

In the Advanced Settings you will find the S/MIME options at the very bottom. To encrypt or sign, you have to assign your certificate here at both points.



Window Advanced Settings, clickable on the left Smaller sign Account. Use SSL, slider switch on the right. MOVE DISCARDED MESSAGES INTO, colon. Deleted Mailbox, right icon tick. Archive Mailbox. Drafts. Store Drafts on Server, slider switch on the right. S slash MIME. The following 2 lines are marked. Sign, right No greater than sign. Encrypt by Default, right No greater than sign.

Window Encrypt by Default, left clickable Smaller sign Advanced Settings. Encrypt by default, on the right marked enabled slider. CERTIFICATES. Marked line symbol tick, PN - Max Mustermann, right symbol i in circle, larger than sign.

Window Sign, clickable on the left Smaller sign Advanced Settings. Sign, on the right marked enabled slider. CERTIFICATES. Marked line symbol tick, PN - Max Mustermann, right symbol i in circle, greater sign.