im using resco viewer to browse network shares, because they in intranet there is no protection over shares so you dont need to enter any user name etc, before i used to have security on shares, since i havce removed, my wizard keep asking username and pw to access to shares even there isn't any security, i can simply by pass it by entering no username and pw and just tapping ok, but it is so annoying to do it after every soft reset, why it doesnt remember ? other wierd thing is it remembers username from old share security settings, i have changed shares network name but it didnt work still same, can anybody help me?
Related
I have an 8125 with Summiter's 2.3 Rom installed. I am trying to establish a connection to my exchange server which is hosted. When I enter the server, user ID, password and Domain info correctly, activesync keeps prompting me with "Please correct your Exchange Server password"
My provider insists that the settings were correct on their side and their crack tech support staff told me that WM5 has problems storing the password. They said that the only thing to do is to keep deleting the server connection on the device and recreating it.
Through this persistence, I was able to get it configured once. It was syncing (with push email) for most of the day... until I connected the device to the PC with the USB cable to charge it. Then Activesync on the PC kicked in and the password prompts began.
I have deleted and reconfigured the server on the device in excess of 20 times now with every combination of soft resets in between to try to get this resolved.
Any thoughts? Your help is greatly appreciated!
***EDIT***
email host needed to create a pre-NT4 alias for the userid due to the naming convention ues by our company in their provisioning console. Therefore once I found out the alias the config was a snap. working perfectly now! Thanks.
What tech support for your host meant to tell you is that they do not have a clue what they are talking about. I support numerous WM implementations using AUTD and Push email with WM devices of all flavors that support one of those options (2003, 2003se, 2005) and NONE of my customers have to continually put in ANY information to keep syncing.
It is true that using the special sms tickle method of pull on 2003 devices does sometimes hang up and have to be restarted manually but even then you should not be asked for information you already saved about the connection.
Find a new mail host.
Well, since you have no problems setting up "WM implementations using AUTD and Push email with WM devices", I would love to hear your thoughts on why I keep getting a password prompt over and over again with the message "Please corrrect your exchange Server password".
Using Cingluar 8125 with stock 2.25 ROM.
Mobile services are enabled under ESM
Pre-2k alias is set in the username
SSL is installed on the server with front end virtual directory
I have disabled certificate checking on the device itself by hacking the registry on the device since I'm using self singed cert
Exchange SP2 is installed
Activesync on the PC with USB works like a charm
But, trying to sync over GPRS/EDGE with the exchange server it keeps prompting me to correct exchange server password which I know it's correct since I administer the server myself.
I've seen NUMEROUS posts about this issue but no one seems to have the answer.
This is driving completely bonkers
You say you can sync while connected via USB to a computer but you do not specify whether that computer is INSIDE or OUTSIDE your network. So I am going to assume it is INSIDE, and bet that were you to try the same test from OUTSIDE your network it would fail just as it does using GPRS. If so the indications point to incorrectly putting in your user name/domain information and not the password itself.
I assure you, the domain\username and password combinations are quite right. It's DOMAIN\username and then the password. I mean you can't really get away from that format when you enter the information in the pocket pc or activesync on your pc since it asks you for the domain and the username and the password. I can however login to webmail and oma through the web browser using the exact username and password.
Any more thoughts?
I have no more thoughts until you answer the question I asked. Can you sync while connected to a computer that is OUTSIDE your network?
When putting in your information on the mobile device, in the username field if you are putting domain\user you are wrong. That box is USER NAME ONLY.
Let me start over again. No, usb or gprs outside doesn't work. And yes, the username is put in as just the username with no domain\ in front of it. Activesync substitutes the domain from the domain field as domain\ is what I meant.
So it doesn't work from outside no matter what the connection. Again, the problem is the domain reference. We just have to figure out what is wrong with it.
From outside your network, can you access Ouloook Web Access? If so, EXACTLY what is the URL you use?
I'm using https://servername/exchange
I can also user https://servername/oma from the phone and it works too.
I would really like to see https://servername/exchange work from outside your network. I am interested to know how you got a NETBIOS name to resolve from outside your DNS zone over the internet.
Please read the question asked before answering so I can stop asking you the same thing twice. I asked you:
From outside your network, can you access Ouloook Web Access? If so, EXACTLY what is the URL you use?
Click to expand...
Click to collapse
Your answer might work inside your network but no way will it work outside. And if you are afraid that advertising your domain name will compromise your Exchange box you should just shut it down anyway.
Ok,
I'm REALLY trying to be tolerant here. Unfortunately, I'm starting to reach the end of my patience. You and I BOTH know that I'm not advertising my NETBIOS name on the Internet. We BOTH know EXACTLY what I mean when I say https://servername/exchange. It means a URL accessible from the outside which points to the server via NAT on our firewall and then /exchange. So, here's the URL:
https://mail.glaucomaexpert.com/exchange
When I say that webmail works, I REALLY REALLY mean that it works. I'm not making it up. If you don't know the answer or if you are not sure of the answer, just let me know. That's no problem. I'm really starting to think that this issue is due to the registry hack on the phone to remove certificate checking.
Unfortunately, I'm using a self generated cert and I've tried using the .cab method to import the cert, that didn't work. I simply copied into a file (DER encoded) and tried to import it no workie either. I tried copying as a Base-64 encoded, copied to the phone and when I tried to import it said it was unable to access certificate. Before I disabled certificate checking, it wouldn't accept the certificate. So, now it accepts it but it keeps asking for the password.
I have gone over the exchange settings over and over and over again and I'm simply not seeing anything wrong.
So....here's where I am.
Great. Thanks for answering the question. So in your server configuration fields you are filling in those blanks like this:
Server Address: "mail.glaucomaexpert.com"
User Name: "jdoe" or whatever your user ID is
Password: "Password1!" Your CaSE sEnsiTIvE password
Domain: "myeyessuck" your internal NETBIOS domain name which may or may not be the same as your FQDN
Does all of that sound like what you are using? If you feel more comfortable PMing the information then thats fine. But your settings should resemble what I wrote.
Are you forcing users to use SSL for Outlook Web Access? If so, you might try turning it off TEMPORARILY and test syncing without requiring SSL to eliminate the self signed cert possibility. I won't be much use troubleshooting that as I get my customers fo flip for a Thawte certificate to avoid untrusted root cert authorities.
That's exactly what I'm using:
Server Address: "mail.glaucomaexpert.com"
User Name: "jdoe" or whatever your user ID is
Password: "Password1!" Your CaSE sEnsiTIvE password
Domain: "myeyessuck" your internal NETBIOS domain name
Under secure communications I do not have require secure channel checked.
I just enabled http(port 80) access to the exchange server and it's working like a charm.
So I guess it's still a certificate issue. I guess disabling certificate checking is not doing the trick but instead cause more problems.
I really wish I could import the self signed certificate. This really sucks. Your help is appreciated. Thanks. I should had tried this before. I just assumed this registry hack wouldn't have any bearing on it originally.
@deeztech - I'm also suspicious of the registry hack to disable the certificate checking. This worked for me in the 2003 days with my client's Blue Angels but I've never been able to get it to work with WM5. I have numerous Exchange 2003 servers that I maintain here in So. Fla and they all have self generated certs. I use MMC and add the Certificates snap-in. From the Trusted Root Authorities I'll right click my certificate - all tasks and then export to a Der encoded x.509. Copy to my storage card and execute it from there.
Of course it sounds like your certificate is installed correctly as your logon to OWA and OMA are working which is why I suspect that reg hack you mentioned.
I did read on exchange-experts to check the authentication on the webserver....
Curious if it's just your PDA or are there others with the same issue?
Glad you narrowed it down. Unfortunately I don't have a magic bullet for the self signed certificate piece but I do have some suggestions for you.
1) Enable forms based authentication: http://support.microsoft.com/kb/830827/
2) Require SSL for access
3) Unless you intend to offer services you might turn off the default website at https://mail.glaucomaexpert.com/
If you are interested in a cert from a trusted CA check out Thawte, where you can get an SSL123 certificate in just a few minutes for as little as $149: https://www.thawte.com/process/retail/new_ssl123?language=en&productInfo.productType=fssl2
Runnng WM6 on an i-mate JasJam (HTC clone).
I have wireless working fine and can surf the net. I don't have any proxy configured.
I try to use File Explorer to get to the files on my home server but when it prompts for username, p/w and domain, it keeps prompting or gives an error even though they are correct.
I'm giving it my Administrator login details and have the domain name correct.
I'm able to connect to a NAS directly and access/view files that way. The NAS is running some sort of UNIX and thus doesn't have the same issues that Windows is obviously having. I can connect via USB and ActiveSync works fine.
I've also tried connecting to a PC in the house that's running MCE edition and thus isn't on a domain. I've tried using the main username/password that I use to log in as administrator on that box.
Again, same thing - it just prompts over and over.
I'm familiar with setting shares up and setting security, but none of that is applicable because I'm trying to authenticate as domain administrator. I've also tried using local administrator but that doesn't work either.
The error I get is "Error connecting to resource: -1073741802". (Nothing in Google).
I recall some hidden registry setting that I once had to set on Windows Server 2003 to deal with unencrypted passwords, but I can't find anything on that now. I can't work out a google word combination that comes up with ANYTHING for logging onto a domain from a PPC. Frustrating!
Any ideas or experience in this? If you have please give specific settings where possible!
Thanks
Douginoz
There was an issue with trying to RDP onto W2K3 boxes from a Windows Mobile device - the solution to that was to set the administrator password to blank......not something you'd normally want to do, but it might be worth a try in this case just to see if it works?
Have you tried using an account with less privileges (but with share and/or folder permissions) to see if that works?? The administrator account, be it domain or local, has some special traits that are not always made clear - you could try a domain user account with local admin rights.....
Also, for your Google search, have you tried "clear text" or "plain text" as keywords - I have a vague recollection of the registry entry you mention, but I'm at a loss to remember it myself....
HTH,
Mark.
I want to make a WiFi connection on my school. But I have to make some setting changes. I have the HTC Trinity with WM6.
I have to satisfy to these settings:
- Wlan network name: tue
- Security mode: 802.1x with dynamic WEP keys
- Authentication protocol: PEAP with MSCHAPv2
- Root certificaat: GTE Cybertrust Global Root
Where do I make these changes?
On your's school router or wifi access point in your school
but sadly I have to make these changes on my pda
According to school these are the settings specially made for smartphones/pda
Markos said:
but sadly I have to make these changes on my pda
According to school these are the settings specially made for smartphones/pda
Click to expand...
Click to collapse
If it is set on your's router in school, then your PDA or smartphone will see these settings automatically
Otherwise look in start-settings(instellingen)-connections(verbindingen)-wi-fi, there you can add new network connection and apply these settings
But that's the problem.. I can't apply these settings.
When I configure Netwerk Authentication I'll come till "Use IEEE 802.x network acces control"
When I select this and choose for PEAP and I want to change the Properties I get this message:
Warning
Cannot log on to the wireless network. This network requires a personal certificate to positively identify you
Click to expand...
Click to collapse
Where can I make and/or change this personal certification?
been having the same message, anyone knows where to find the certificate?
Hi,
So,
1. You want to connect wirelessly to your School's network, right? .......and that
2. The network settings that you stated in your opening post were given to you by your School Network Administrator, right? ......finally, that
3. Your School Network Administrator had indeed, ACTUALLY given authority to your device (HTC Trinity) in the Access Control List to access the school's network, right?
In that case, he (the School Network Administrator) MUST have assigned an IP Address to your device (or entered its MAC address and configured it as such, inside the router/wireless access point.
Did you make sure that he did actually do so? Ask him to confirm this for you. I'm saying this because if he (the School Network Administrator) hadn't configured your device to have access to your school's network, you'll be wasting your time trying to access it, 'cos as you know, it is a secure network hence, it can not identify your device.
The only way that your device could be identified to access the school's network (never mind the settings provided in your opening post), is only, and only if, it had been configured in the ACL - Access Control List within the router, otherwise every Tom, **** and Harry would simply access the school's network, willy-nilly and wreak all sorts of havoc. See what I mean?
If indeed, he (the School Network Administrator) had given you access to the school's network, just ask him or her to give you the IP Address that he assigned to your device and then enter it in the Wi-Fi configuration of your network in Trinity, as you had been doing and everything should work fine - no more headaches!!
BOTTOM LINE:
If there is no entry for your device in the Access Control List of the school's router/wireless access point, you've got no chance 'cos your device would be refused access at all times because the router/wireless access point does NOT recognise it.
You ask him (the School Network Administrator) to give access to your device - either by using it's MAC address or IP Address), then you'll be laughing 'cos then you'll be able to have access, wirelessly.
I do hope that this gives you pointers to help solve your problem 'cos that's the only solution that I can offer.
kiwi992.
Sorry to bring alive an old post, but I have been receiving the exact same message requiring a "personal certificate." What I don't understand is that the network prompts me for my username/password - each device is not set up individually. For example, I can take my laptop to school and connect to the network as long as I have my username and password. What is the difference between XP and WM6 in this respect? Why can't I just enter my user/pass on my Wing and connect just like I would with a laptop?
Absence said:
Sorry to bring alive an old post, but I have been receiving the exact same message requiring a "personal certificate." What I don't understand is that the network prompts me for my username/password - each device is not set up individually. For example, I can take my laptop to school and connect to the network as long as I have my username and password. What is the difference between XP and WM6 in this respect? Why can't I just enter my user/pass on my Wing and connect just like I would with a laptop?
Click to expand...
Click to collapse
This has bugged me for a long time with Windows Mobile 5/6 & 802.1x with PEAP (WEP & WPA/WPA2). You should in theory be able to just use MSCHAPv2 and a Username/Password to authenticate yourself but there seems to be no way of turning off the client checking the servers validity - i.e. having a valid & trusted certificate (you can disable this checking with Windows XP's 802.1x supplicant). So all you should need is the servers public certificate installed on your device.
When I was testing this a while ago I had some sucess but the 'personal certificate' message was a problem. In the end I just enrolled the device with the domains CA and have a personal certificate installed (as well as the CA's certificate which gets installed at the same time).
Enrolling for certificates is much easier now with Windows Mobile 6 and ActiveSync 4.5 since you can enroll the device from ActiveSync on the host PC.
HTH
Andy
Interesting, Andy,
I haven't yet had the chance to test this change yet, but a few searches has turned up a registry key that we can add -
(quoted from somewhere on the internet)
"The only thing you have to do is to add a DWORD Regestry Entry under HKEY_LOCAL_MAICHNE-->Comm-->EAP-->Extension-->25
Name:"ValidateServerCert"
Value: 1 to activate Validation, 0 to turn it off"
Have you tried making this change before just registering a certificate? If it doesn't work, do you remember the basic steps for retrieving a certificate from a computer via activesync? If I do transfer a certificate from a laptop, do I need to register the device with the administrator? It seems that everyone from the IT department I've talkd to has no idea what they're talking about.
I have been dealing with this for some time and am finally reaching out. I really hope this makes sense, if not please tell me and I will try to clarify.
I have two windows 2k3 servers at home with shares on each. I can see and map the shares with my pda on one server just fine but the other doesn't work at all. I can see both computers on the pda and the shares are accessible from 6 other machines both logged as domain users and local accounts. I've made sure the permisions were identical on both machine (along with checking everything I could think of a million friggin times) I finally noticed that if I enter false credentials into the login for the working server then I get a failed security audit with the faulty username along in the event log along with a second separate one showing my wireless network username for school as the attempted username . On the non working machine I only get this school username and nothing else regardless of what I enter into the pda. The best I can figure, one server is allowing the failed attempt and moving on to the good and the other is stopping after the first. Someone PLEASE tell me why a username ONLY entered into the wireless network settings of my schools network (settings that I have removed with no effect) would be forced into my attempts to map a network drive? Ima lose my god damn mind!
FFS!!! Finally found the solution. Evidently the policy setting in 2k3 domain controllers requires SMB signing while member servers don't. This is why I could stream from my regular server and not my domain controller. Resco explorer's FAQ of all things had the answer and the solution if anyone needs it.
Resco said:
Windows CE networking is not able to map the drives from the servers using SMB signing.
This can be solved by changing the following setting in the Domain Controller Security Policy under Local Policies --> Security Options
Microsoft Network Server: Digitally sign communications (always): Disabled
Click to expand...
Click to collapse
__________________
Feathered Access -
Free Live Mobile Television
http://featheredaccess.com
I am having problems mapping a network drive. I have tried the HTC plugin and Resco, but have the same problem. I no longer am prompted for a username or password when using the plugin. When using Resco, I try to connect using a different user with no success. I am able to connect to shares that have permissions to the initial username/password that I used.
That being said, I am convinced that WM6 has stored the username/password in the registry somewhere. How do I get rid of it so I can enter another username/password that does have access to the share that I am trying to connect to???
Ipaq 110
Windows mobile 6
http://forum.xda-developers.com/showthread.php?t=471521
Tried the suggestions in your link. Even changed the LAN Manager authentication level....same problem. It says mapping succeeded yet no files are visable. Never asks for a username or password. Still seems that it is caching the original username/password that I initially used.
thartung said:
Tried the suggestions in your link. Even changed the LAN Manager authentication level....same problem. It says mapping succeeded yet no files are visable. Never asks for a username or password. Still seems that it is caching the original username/password that I initially used.
Click to expand...
Click to collapse
Ever figure this out? I have the same problem on my touch diamond, it says map successful but when I go in the network folder there is nothing visible.