Related
I run an SMTP mailserver at home through which I can send my emails from whichever network I'm connected to (home ISP, office ISP, mobile GPRS, WiFi hotspot etc.). Naturally it's a secure SMTP server with simple username/password authentication.
On my XDA2 I used a little freeware email client called nPOPw which worked really well (fast, reliable, simple) to send/receive emails but I'm experimenting with PocketOutlook since it's easier to use with the Exec's keyboard and I thought that maybe things had improved in WM5.
But I can't get PocketOutlook to work with my mail server. It receives mail OK (from the same server with the same auth details) but it won't send through the server. I just keep getting prompted for SMTP auth username/password/domain info. Can anyone suggest a reason and solution? Thanks in advance.
nPOPw can send/receive over my WiFi network with no problems, so it's not a network connectivity or a DNS problem. My mailserver is Kerio on a Win2K box with a fully qualified host name. Everything works. Except POutlook.
I'm trying to synchronizise with the exchange server at my work.
But for some reason it doesn't work. I've filled in everything in the right way (address, domein etc.) the fault code is 80070002.
Can somebody help me with this?
same here at home (no firewalls)
Works fine for me. Exchange server needs just some configuration.
Priit said:
Works fine for me. Exchange server needs just some configuration.
Click to expand...
Click to collapse
What kind of configuration?
First, your Outlook Web Access (yes, OWA!) can not use forms based authentication nor SSL encryption. If you don want to use these (you most probably want to use SSL) then you need to create another virtual OWA directory without SSL and force ActiveSync (and Outlook Mobile Access) to use it.
More information at
http://support.microsoft.com/default.aspx?scid=kb;en-us;817379
Check if you can access OMA (Outlook Mobile Access) using http://yourserver/oma and check also Exchange server logs.
I thought this wasn't supported on WM5 until AKU 2.0 comes out (hopefully soon)
So ur saving I have to turn Forms authentication off and ssl off on OWA for my mobile device to work ?
sounds a bit of a poor show.
I need Forms based auth ideally as it goes through firewalls where as the other type does not.
Ours works here and we use SSL.
For the server name make sure you are using the fully qualified domain name that you use from the internet. IE: mail.domain.com. You don't have to put the /exchange on the end.
username, password and domain are all the same as what you use to log in.
OH, and the certificate you use on the server should be for mail.domain.com and not servername.
Hope this helps.
@spartanrob: DirectPush needs AKU2.0. You have always had possibility to sync manually. Or if your operator provides e-mail to SMS then you have the same functionality already today.
@Karzi:
No, I'm not saying you have to turn off SSL and/or forms-based auth., but you need to create another virtual OWA directory, which does not require SSL and forms-based authentication. You can limit access to this directory to localhost only so there will be no security concerns.
@MrHappy:
Your server is probably set up in that way.
Please go read this it helped me with the same error
http://hardware.mcse.ms/archive35-2005-11-248477.html
Basicly says that you have to download the cert from https://server.domain.com/certsrv then install the certificate on your desktop and your handheld then activesync will work....
I was hesitant but it worked for me.... it changed the path in the cert from my ip to my server.domain.com
I would like to kno if anyone in xda was able to address the problem with the wm5 client address on a forum i read about, i beleive i am havin the same problems
"the Pocket tv team"
we found a bug with the Windows Mobile Email client that prevents using
certain SMTP servers.
i suspect the bug is general to all Windows Mobile devices including Pocket
PCs, but we only tested it and confirmed it on the Motorola Q (a Windows
Mobile 5.0 Smartphone).
the bug prevents using some login names on SMTP servers (i.e. outgoing
email) that require a user name DIFFERENT from the POP3 ou IMAP4 server
(i.e. incoming email) and when the login name is something like
'[email protected]' i.e. when the login name contains an '@' sign.
this type of server login name is common on servers that use shared domains
on a single IP address, and this is a common case. in this case, since
there may be several users with the same name under different domains (on
the same server), the correct user is identified by using the domain name
with the '@' sign.
in fact i found that bug by trying to configure the Motorola Q to use one of
our email servers to send my email.
what happens is that the Smartphone email client removes the @ sign and
everything that follows it when loging to the SMTP server - we confirmed
that by looking in real time in the log files produced by our SMTP server.
i am not aware of any workaround.
the problem does not happen when the SMTP server uses the same login name as
the POP3 or IMAP4 server (in that case, the login name can have an "@" sign,
and it is handled correctly). the problem only happens when the SMTP server
uses a different login, and that this different login has an "@" sign.
once again, MSFT was apparently trying to be "smart" i.e. they assumed that
the @domain part in the login name of the SMPT server was entered by mistake
by the user, but being too smart is not always a good thing.
note that using fully-qualified user-name that include a mandatory @domain
part is very common and even google's gmail uses this, as you can see in the
'Account Name' section of
http://mail.google.com/support/bin/a...y?answer=13287 .
if you use gmail to both receive and send email, it will work, because the
POP3 and SMTP servers use the same login. but if you want to use gmail just
to send (i.e. SMTP), and use another server to receive (i.e. POP3 or IMAP4),
then it won't work, because of that bug.
this is a pretty serious problem.
also, the IMAP4 client configuration does not allow to specify the remote
directory (in the user's account on the IMAP4 server) where the IMAP folders
are located, which may be different from the default login directory. This
renders IMAP4 completely un-usable in some cases.
Of course those bugs are not new to Windows Mobile 5.0. It's just a shame
that MSFT never fixed them.
Click to expand...
Click to collapse
HI guys,
Got my new TyTn out the box, set it up with some of my files, now i am trying to sync with my exchange server.
If I take off SSL, it tells me I don't have permission to initiate sync, which i know i do, cause i set it up on my account.
If i put SSL on, it says the server cannot be reached,
Could someone out there please help me. I have been trying for weeks, in the end i thought it was the unit, so this is my new unit now.
Be sure that the OWA folder (http://yourserver/exchange) has the "require SSL" unticked in security option of IIS, also check that integrated authentification is ticked.
Check that your tytn trust the CA and that the cert match the server name (with both internal/external DNS if possible).
If you want to go without SSL (which is far from being a good idea, everything will go through the network in plain text) have a check in the server log; there will be a critical event explaining you what is going on and what to do in that case
Hi man,
Thanks for the response, how do i issue the CA certificate for the Tytn from the server?
Is that maybe my problem that the relationship between the device and the server hasn't been established properly?
I just want to get my e-mail, why has microsoft made it such an issue?
Surely if you enter in all the correct details for the server and the user account it should work, just like setting up teh IMAP with the send and recieve schedule like u used to on the IIi's?
Appreciate the help mate
Thanks
Microsoft deny you to check your email if you don't trust the CA. This is normal and a part of the SSL security; SSL certs are used to cipher AND to auth.
If the certificat is not issue by a trusted root CA it won't be trusted by your device. You have to connect to http:/ca_server/certsrv and here select "download" CA cert. Just transfert the cert to your device and set it up. If you can not acces the CA web service that way you may be able to gather the certificate while surfing to te OWA with explorer: go to https://your_server/exchange click on the little lock, go to "certification's path" double click the certificat on the top of the "tree" go to detail and select save to file. Select *.cert format and then finaly send this file to your PPC.
No can't connect to the Cert page, and with the OWA page, if you mean the little lock that appears at the bottom of some web pages in one of the blocks, I don't get that with my OWA. I am a bit lost...
ruski said:
No can't connect to the Cert page, and with the OWA page, if you mean the little lock that appears at the bottom of some web pages in one of the blocks, I don't get that with my OWA. I am a bit lost...
Click to expand...
Click to collapse
use https://your/owa instead of http://your/owa. Using the OWA without cipher is far from being a good idea; your user/password (wich is in fact an active directory user, that a some power) goes in plain text through the internet.
aaw, man, Thanks so much, I see now... OK, I will get the certificate off tomorrow and copy it onto my Tytn. I really hope that works! Thanks for your help!
OK, now I have made the certificate and copied it onto the Tytn, Still says The server could not be reached! Support code: 0x80072EE2
Ok, just want to check, when setting up the server, under server name, I have the servers external IP address. SSL is ticked, the user name and password and domain should be correct, username is @domain.local
Other than that, not much complicated, i don't seem to be understanding microsofts issue here, i have searched for white papers, which seem to be very vague and no step by step on how to set it up.
Hooooaarg speaking english is giving me headache
You are only satisfying one of the requirement at now:
-Your tytn trust your CA
In IIS you have issued a certificat to a name, for instance server.domain.local; if you contact this server through a SSL connexion by another name you will get an error; the name you accessed doesn't match the name in the certificate; so for IE and your PPC the security may be compromised. In active sync, under server name, you have to enter the exact same name you entered when you issued the SSL certificat in IIS, if it is internal (server.domain.local) it will only work as long as you are on your network. There are several ways to solve that; you can revoque this certificat in IIS and issue a new one matching your external DNS, with this solution you will be able to setup your activesync to connect through the external name of your server, keep in mind that NAT forwarding must be configured to route the traffic from HTTP socket (80) to the exchange server.
You can also setup a VPN server (L2TP/IPSEC should work fine), so that you will always be on the internal network and so able to get your email. This should be the safest way to go, but I guess that it generate more traffic, thanks to the encapsulation; so if you are greedy and pay per byte, avoid this solution.
You could, at last, also disable the SSL encryption; but in my opinion this FAR from being the good way to go, it should only be used for testing purpose.
If you can speak afrikaans I will happily change! lol
OK, if I turn off SSL and connect to the server external IP, it says I don't have permission to synchronise,
If i turn on SSL it tells me the server can't be reached, wish it would make up it's mind.
I am not very good with IIS, I am staring at it now. I am not sure if i did the certificate thing right. As there are 2 options to export , DER encoded and Base-64, I used DER first time round.
If i try and access the server name ie. https://servername it says i cannot use my existing connection and must check properties.....
Thanks for your help man!
You may want to check that you are also forwarding port 443 or what ever port you are using for https access for external use at the server end.
You had to get ActiveSync permitted for your account (by administring it with "Active Directory users and computers" in one of the tab for your users) but you also need it activated on the Exchange "System Manager" under organisation settings (have a look at www.httpsync.net)
André
hi to everybody,
kindly tell me how to configure the outlook email in my htc touch2.
i'm using my company email id. is it possible to configure company email id in outlook settings. its showing "sync error".
kindly help me
I have made it for my company Exchange server. I put my [email protected],com, then put my pass, i dont put domain name, only server address: mail.company.com.
After that it must ask you what do you want to sync and will begin syncing. If that doesnt work for you, you may have problem with connection settings.
Sync Error sometimes also happens if you don't have the certificates installed. Try installing the certificates and sync again.
Server address
to find your your server address,
Connect up to your company email via VPN on your PC, go to your inbox and the address in the address bar e.g.
https://***companyservername***/Remote/default.aspx
is your server address
setup your VPN on your phone as well, and you should be ready to go
Si86
Find out the public IP address of your company's mail servers (ask your administrator), use that as the server address.
You may have to ask your mail administrator for some assitance, it depends how they have set exchange up. The good thing is, it's only a few configuration changes, unlike having to buy and install new software like you would with Blackberries...
I hooked mine up to my webmail server
and i did my gf's like this too
If you have company webamail you can input the url as your server address (assuming this has beenset up)and use your AD usenrname and password.