Related
Hi all,
I need some advice and help. I have read a hell of a lot of stuff on the pending Messaging and Security Features Pack (MSFP) but no one can offer me a confident answer on whether or not it will work, how it will work, how much it costs etc.
I have a small business but we run a Microsoft Exchange 2003 server. I will install SP2 on it in due course but only once I know I can get emails pushed to my device. Microsoft have not been helpful, either I pay them £199 + VAT for some real advice or just go to the weblinks read out by the operative once he has spoken to an adviser. I had already seen all the weblinks!!!
What I would like to know from someone with proper knowledge is when is this MSFP thing out? (I hear Q1 2006 from iMate but how about on O2 etc.?) How many email accounts will I be able to use with it etc.? Will it only synchronize with email accounts on my Exchange server? Or will it synchronize with email accounts on my ISP's exchange server too? Any idea on running costs, I am assuming linked to GPRS usage etc. I am asking for a lot of answers but frankly am confused been around the houses so many times, not sure what I actually want to know.
Any help is gratefully received.
MSFP is not out yet. It is up to the providers like O2 to make it available in their ROMs early next year. Currently the service providers have not communicated when this will be made available.
My understanding is it will only sync accounts on your Exchange server, not from your ISP.
IT WORKS
Hi folks. I have Qtek 9100 and it seems it already have that feature pack installed. I am synchronizing my qtek with exchange server. Currently I have only scheduled synchronizing with exchange but I will as well try to use push technology but right now I don't have enough time to do this. And of course push technology must be supported by mobile network (operator). I suppose try to install test server and test it through network or wifi. It's a little bit complicated to make it work but now it works for me. That's cool technology.
Hi All,
Just an enquiry really, I've decided to wait for the latest release of SEVEN's Alwaysonmail Internet Edition for Windows Mobile 5 rather than get exchange hosting etc for my push email.
Basicly my question is, any ideas when it will be available (anyone in the know???)
I used it on my M2000 and it was superb and under £30 a year, I still have a contract till Christmas with them hence hanging on.
However according to an email about a month ago the Mobile 5 version will be available during June, but I'm just hoping someone can be more specific on here so I don't need to keep logging into various sites looking to see if it's available yet.
Cheers All
Shaun
PS
Superb forum, very very usefull
i've requested a trail version of the personal edition (for use as an email redirector for my exchange based work account). i've had Smartner's Duality product on previous 2003 devices, and its worked OK.
skywriter said:
i've requested a trail version of the personal edition (for use as an email redirector for my exchange based work account). i've had Smartner's Duality product on previous 2003 devices, and its worked OK.
Click to expand...
Click to collapse
well i got the SEVEN replacement for duality. i installed it, and it didn't work (can't see email accounts on exchange server). updated my ticket, and I've been waiting 2 weeks for someone to reply. sucky support.
SEVEN Always on Mail worked perfectly on my M2000,
I'm STILL waiting though for the Windows Mobile 5 version to be released, its 3months so far, the software has been developed supposedly and i'm waiting on the relay servers to be updated before it is available for download.
tech support have always got back to me within 2 working days for the first query then quicker if you reply to their response message.
Have you tried the following for support from SEVEN??
https://support.smartner.com/requests
yes, i'm using the "Seven International Request Tracking" system. after first just pointing to the new clients, they haven't responded to my subsequent problem yet, which is:
Hi, i have installed the correct PE client. I get to the activation screen on the client and an activation code.
i have downloaded a SEVEN Always-On Mail Professional Edition desktop connector and installation proceeds without error until i get to the activation code step. then the desktop connector "add user" dialog pops up with an empty list, and i get no activation code entry dialog to proceed. i have uninstalled both desktop, and client software, rebooted and installed again - same problem. non of the Q&A or FAQ's address this problem. i have followed all the directions puiblished. but the product still doesn't work. (the previous smartner redirector worked fine - no system software changes have been made since then)
Click to expand...
Click to collapse
perhaps that isn't clear? i don't have any errors, and everything seems to go OK. but when the dialog box for selecting email users comes up, it's empty. and I can't go any further.
Whoa Hooooo
latest SEVEN Alwaysonmail software client for WM5 is available and installed on my M5000, and works a treat.
Finally Push email for me without having to fork out £5 + for exchange hosting
Shaunfarris said:
Whoa Hooooo
latest SEVEN Alwaysonmail software client for WM5 is available and installed on my M5000, and works a treat.
Finally Push email for me without having to fork out £5 + for exchange hosting
Click to expand...
Click to collapse
can you provide some information about your environment for those of use that it DOESNT work for? what exchange server, etc... ?
Nothing special just the M5000 and alwaysonmail for WM5 pocketpc
no exchange servers or anything, but it is for 1 email address only.
its the SEVEN Alwaysonmail Internet Edition
Shaunfarris said:
its the SEVEN Alwaysonmail Internet Edition
Click to expand...
Click to collapse
oh ok. i'm having DOA problems with the professional version; one of the two versions that replaced the smartner applications.
of ourse intellisync, and on-shedule don't work either. and symmetry pro, and visto doesn't support single users any more... and good doesn't either.. blah are their any alternatives for the poor schlep that wants to sync with outlook/exchange but not involve IT (the kiss of death). we can't even get server activesync support, and our VPN doesn't work with PDA's either. and i'm sick of my blackberry... worthless impossible to use thing.
anyway! any help appreciated
FREE!
Get with the program guys...sign up for a FREE mail2web.com live account. This supports full push email from proper exchange servers. Why pay for something thats already free (and works better)
MJB
Re: FREE!
mbial said:
Get with the program guys...sign up for a FREE mail2web.com live account. This supports full push email from proper exchange servers. Why pay for something thats already free (and works better)
MJB
Click to expand...
Click to collapse
this is worthless for me. i use my PDA for work, and need my work email, contact, and calendar. not to mention security.
besides it's a matter of friggin support. i bought the service and the support.
Hello everyone,
Eventhough I have BB Conn on my AT&T 8525, my company would not help me get it paired with our BES, so I had them get me an actual BB. Now I'd like to just pull the SIM card put it in my 8525 and use BB conn. From what I have read, this should not be an issue; but I understand that the device type will show up on the BES. Now I doubt they have someone monitoring with such a fine comb, but since They will not let personal devices on, oh yeah, nor would they let me get a TILT as a BB, is there a way to spoof the device type on the BES or is this something someone would be interested in looking into as my programming skills are long gone. Thanks in advance for all your replies.
As far as i know there is no way of spoofing the BB device so that the BES sees your WinMo device as a BB.
Also i think it would be necessary for you to redo the Enterprise Activation anyway, as from the BES's point of view you would be a new device, this would require the assistance of your BES Admin.
This same solution worked for me.
But I am using BBC 2 on my Wizard.
All I had to do is to get a good (that is: BBC compatible) ROM version(I hacked it) and AKU value in the registry (hacked that as well).
I was then able to connect my WM device to the BES using the BBC desktop software. The BBC desktop software seems to push the device PIN (which is different on the WM device than on the BB device) to the BES.
Works flawlessly. BBC has some drawbacks BTW: I cant cope with big mail or calendar archives, so you have to clean up your Exchange account once in a while. BBC 2 is a memory hog as well (and it seems to have a memory leak). But a weekly / bi-weekly softreset fixes hat.
I am still curious to get BBC 4 on my device. This new version seems to have more difficult catches.
A how to guide on hacking the OS in order to rum BBC is in the development & hackng forum.....
That's as maybe, but if the BES admin has set it up so that only an allowed list of devices are allowed then BBC will not connect.
Also as there is an existing embargo on personal devices could it be against company policy and thus disciplinable to circumvent things?
As a BES Admin I can confirm that non BBs show up as something different. We have a Nokia Communicator running BBC on our BES and it shows as a Nokia RA-6
jrosaly said:
Hello everyone,
Eventhough I have BB Conn on my AT&T 8525, my company would not help me get it paired with our BES, so I had them get me an actual BB. Now I'd like to just pull the SIM card put it in my 8525 and use BB conn. From what I have read, this should not be an issue; but I understand that the device type will show up on the BES. Now I doubt they have someone monitoring with such a fine comb, but since They will not let personal devices on, oh yeah, nor would they let me get a TILT as a BB, is there a way to spoof the device type on the BES or is this something someone would be interested in looking into as my programming skills are long gone. Thanks in advance for all your replies.
Click to expand...
Click to collapse
I ended up doing exactly what you have done due to corporate policy. However I have never even unboxed the BlackBerry they posted me. I had to call the helpdesk to get them to create a password for the Enterprise Activation but that was it. I then installed BBC (4.0.0.97) and just did the activation and it all worked.
I tried version 4.0.0.100 but it didn't work for some reason so I ended up using the slightly older version as I had seen various reports of it working. I think our IT department must know I am using a HTC Kaiser, however I think as long as I don't start asking for support they are OK with it.
When they created the password for enterprise activation it lasts for a day or so and then can't be used and you have to request another activation. I can see this being a pain if you want to play about installing new ROMs.
HTH
Andy
Hi *,
From a long time i'm trying to find a rom for Magic 32B be used for work.
My needs is to have a rom with ActiveSync (Mail, Calendar and Contacts) and, if possible, lookup in the "GAL" of Microsoft Exchange.
I know many software for these features, but it's possible inclusion in a rom?
Thanks in advance!
Ale
Back in the day Eclair ROMs required you to sync your email, contacts, ect. through exchange because Google sign-in was broken. Now-a-days, the sign-in is working, but still. Point of it all is that any Eclair ROM will do what your asking. Just go to the G1 Android Development section here at XDA and find any Android 2.1 ROM you like, then go for it.
DarkOne951 said:
Back in the day Eclair ROMs required you to sync your email, contacts, ect. through exchange because Google sign-in was broken. Now-a-days, the sign-in is working, but still. Point of it all is that any Eclair ROM will do what your asking. Just go to the G1 Android Development section here at XDA and find any Android 2.1 ROM you like, then go for it.
Click to expand...
Click to collapse
Thanks for the reply.
Android 2.1 ROM sync ONLY Email and Contacts. NO CALENDAR
ckale82 said:
if possible, lookup in the "GAL" of Microsoft Exchange.
Click to expand...
Click to collapse
I haven't seen any rom you can do that in ...
1.6 roms seem to use the 'work email' app which is an adapted version of the htc mail app from non-google branded htc devices.
2.x roms have native exchange support, mail and contacts sync only.
I believe you could get what you're looking from the market but you'll probably have to get your wallet out and pay.
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
ckale82 said:
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
Click to expand...
Click to collapse
That's what I thought too. However I never had a need for it and only basic needs for exchange. gmail for sure did calendar sync.
You'll want to go 3rd party and get a fancy one anyway. Should be worth the money if the feature set is important (not withstanding my opinion).
st0kes said:
I haven't seen any rom you can do that
Click to expand...
Click to collapse
ckale82 said:
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
Click to expand...
Click to collapse
yep. the old 1.5 rom with htc framework does exactly this.
i know, because i still use 1.5 for just this reason.
the best rom you'll find that does this without any need for third party apps etc is enomther's the original rogers rom. (not to be confused with his the original donut roms.)
you'll find it in the G1 development forum.
in order to use GAL addresses, you have to use "add receipient" to fill out the "to" field when doing an email. then you can choose between "contacts" (google) or "company" (GAL).
you can't browse the GAL as far as i am aware, but you can search it.
EDIT: by the way, it does full exchange sync. emails, contacts and calendar.
you can get a 2.1 rom and flash the moto apps from droid that includes gal, corporate calendar. that is what i am using now.
you can purchase touchdown and it does everything you ask
on any version you want
includes searchable GAL
I trial a HEAP of different phones for work and this is pretty much what it comes down to when you are talking business use.
While i love the Android and have a N1 myself it falls over on some MAJOR areas.
1: No Client side cert capability.
2: No Encryption
3: No Group Policy Abilities
4: No Remote Wipe of the device
5: Not FIPS rated (no encryption)
The Google phone is great, i love it over an Iphone but until these issues are sorted I would NOT recommend these for business use. As far as personal phones go they are awesome !
The only phones that are correctly rated for use as far as encryption and GPO are unfortunately WM6 and WM6.5 I HATE these phones cant stand them but they are (Believe it or not) the most secure ! Lets hope when the Iphone releases their new OS in the next month or so they may become a more realistic player in the business market.
Or (Fingers crossed) Google and Droid do some real work into making these phones more secure.. If they did i know they would be more popular with the business community !
G.
A.
gymmy said:
I trial a HEAP of different phones for work and this is pretty much what it comes down to when you are talking business use.
While i love the Android and have a N1 myself it falls over on some MAJOR areas.
1: No Client side cert capability.
2: No Encryption
3: No Group Policy Abilities
4: No Remote Wipe of the device
5: Not FIPS rated (no encryption)
The Google phone is great, i love it over an Iphone but until these issues are sorted I would NOT recommend these for business use. As far as personal phones go they are awesome !
The only phones that are correctly rated for use as far as encryption and GPO are unfortunately WM6 and WM6.5 I HATE these phones cant stand them but they are (Believe it or not) the most secure ! Lets hope when the Iphone releases their new OS in the next month or so they may become a more realistic player in the business market.
Or (Fingers crossed) Google and Droid do some real work into making these phones more secure.. If they did i know they would be more popular with the business community !
G.
A.
Click to expand...
Click to collapse
umm android has all those through applications available in the market ....
What are moto apps
markkohfm said:
you can get a 2.1 rom and flash the moto apps from droid that includes gal, corporate calendar. that is what i am using now.
Click to expand...
Click to collapse
What are moto apps - can' seem to find it searching on xda... If anyone could enlighten me, I would appreciate it.
I whole-heartedly recommend Nitrodesk TouchDown. It's a kick-ass app for Exchange. You get push updates for Mail, Calendar, etc.
It might seem expensive relative to your average mini-app, but you have to keep in mind that this is way more useful than those.
My employer's MS exchange set-up incorporates security pin that none of the Android ROMs support - that I'm aware off! I'm currently on day 20 of the 30 day trial with Touchdown and really am impressed. It supports mail, calendar and contacts with GAL and most importantly for me I can finally log on because of the pin security support. The iPhone supports this too however the pin is required every time you want to use it for any app whereas on Android you enter the pin when launching Touchdown. Worth the $20 imo
BigRD said:
My employer's MS exchange set-up incorporates security pin that none of the Android ROMs support - that I'm aware off! I'm currently on day 20 of the 30 day trial with Touchdown and really am impressed. It supports mail, calendar and contacts with GAL and most importantly for me I can finally log on because of the pin security support. The iPhone supports this too however the pin is required every time you want to use it for any app whereas on Android you enter the pin when launching Touchdown. Worth the $20 imo
Click to expand...
Click to collapse
glad we reached a consensus that business users need to stop whining about exchange and drop 20$ for touchdown
is really a stellar exchange client
hopefully there will not always be a need for this as it should be part of the base OS
FYI
The only thing that is needed comparing from the touchdown app to any Android OS to have full Exchange support is to fetch the Active Sync certificates forced by the enterprise security policy.
The enterprise I work for, doesn't use the Active Sync certificates forced and runs on Exchange server 2007. No issues with the Exchange Android OS. No touchdown needed.
The partner who we support has to fetch the certificates and runs on Exchange server 2003. Now, they will migrate everything to Exchange 2007..., than I want to see what will happen because they will keep the security policy or adapt it to the new infra. I'm using the touchdown, because otherwise I'll have my account locked on the Radius server.
iPhone's are even more limited. To sync an iPhone with my partner Exchange server 2003, you need the following:
- On the Inbox folder have less than 500Mb
- Be over the OS version 3.x.x
- If you make a NT password reset, you have to re-create the profile and sometimes hope for a miracle or change the domain to the complete address or insert it on the username.
Once again on the Exchange 2007, no issues.
I had the same issue with android because I use exchange calendar and mail.
CursorSense has exchange calendar, it is 1.5, but works very smooth for me. The main problem was the initially pin, I had to call my exchange IT person to remove that security so I can use it. Otherwise, you are out of luck.
I've never had success with android 1.6. I've tried the Moto apk, and many other names, adb push it to the phone, and it just doens't work. So, for me, 1.6 has no exchange calendar, but only email.
As for 2.1, it does support exchange calendar. But I'm waiting a faster rom to start using it. In the meantime, I use touchdown, which is WAYYYY better than the native software from android. The widget actually works!! The widget from android in 2.1 includes Email and Calendar, but none of them refreshes the information all the time, so you will actually have to go in the email account to see new email, and your calendar to see new updates. With Touchdown, the widget is easier to use and it updates quickly. It is too expensive, I agree.
There is another app, called Roadsync, but I don't like the UI.
ricardomega said:
FYI
The only thing that is needed comparing from the touchdown app to any Android OS to have full Exchange support is to fetch the Active Sync certificates forced by the enterprise security policy
Click to expand...
Click to collapse
Well, that is down to the business running Exchange, not anything to do with Android ... enterprises should be using universally trusted certificates.
If you get a certificate error in activesync it means your exchange admin bought a cheap SSL certificate that your device doesn't trust.
Not agreed.
Ref. 1 (Wiki):
Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. RADIUS was developed by Livingston Enterprises, Inc., in 1991 as an access server authentication and accounting protocol and later brought into the IETF standards.[1]
Because of the broad support and the ubiquitous nature of the RADIUS protocol, it is often used by ISPs and enterprises to manage access to the Internet or internal networks, wireless networks, and integrated e-mail services. These networks may incorporate modems, DSL, access points, VPNs, network ports, web servers, etc.[2]
RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. The Remote Access Server, the Virtual Private Network server, the Network switch with port-based authentication, and the Network Access Server, are all gateways that control access to the network, and all have a RADIUS client component that communicates with the RADIUS server. The RADIUS server is usually a background process running on a UNIX or Windows NT machine.[3] RADIUS serves three functions:
to authenticate users or devices before granting them access to a network,
to authorize those users or devices for certain network services and
to account for usage of those services.
Click to expand...
Click to collapse
This is GOOD. IT MEANS SECURITY.
Talking about universally trusted certificates... if the windows mobile since 5.1 version and other devices exchange services (like Symbian S60 devices up and others) work flawless ... our new gadgets are the one's who doesn't work ...
The partner that I was speaking are leaders on their security division product for decades.
Sorry, but please point out the Apps.
1: Client side cert import for access to company websites ?
2: Encryption which is FIPS 104-2 certified
3: Group Policy enforcement
Touchdown does work, but its not just exchange email which uses certification
My Mom is thinking about getting the Driod X. Her company said that only the iPhone and blackberries will sync with their exchange server. She currently has a blackberry now but it is not hooked up to the email server because they are making her pay the $15 a month for the corporate email. She would like to get her email without the extra cost so she is thinking about an android phone.
From my reading 2.2 fully supports exchange now but when the Verizon store called my mom's IT department to set up her email for her they said that it and all other Android phones are not supported. Needless to say she canceled that purchase.
My question is, is this true? If it is then are their ways around this?
I have an Evo and it works with my exchange server but I am pretty sure my company allows non provisioned devices to sync.
All lies. Just sounds like her IT department just doesn't want to support her and her Android.
If she knows how to get into her Exchange account via web..she can configure it herself. On the phone, just setup an account for Exchange, plug in username, password, mail server, and domain. Very easy setup.
Mail Server and Domain comes right from her web access address like...
https://mail.company.com
mail.company.com = mail server
company.com = domain
The address to her web account is the only variable. If she has never used it...get her to ask IT guys what it is. She can say so she can check her mail from home. If they are already supporting iPhones...Androids will come in on ActiveSync the same way. IT guys will never know the difference...unless they are network nazis that toggle Active-Sync on/off per user.
I mean they can go in and disable the mobile services in the Exchange tab in AD but i doubt they would do that for every user. I did try her account on my evo once but i didn't get it to work. Maybe i fat fingered something, idk. I need to test it again and maybe try touchdown. $20 one time fee is better than $15 a month and a new blackberry that is already out of date.
Does anyone have a Droid X with a nazi type IT department that can share some info? You guys are on Froyo by now right?
Ya best thing to do is try again on your Evo and verify all her settings. Using Touchdown instead of the built-in app is not going to make any difference. Either they will have her Active-Sync locked down or not.
I don't limit access to our Exchange and have connected some Xs (2.1) and several Incredibles (2.1/2.2).
I am working hard break all our Crackberry addicts, and I'm slowly getting there. I would love nothing more than to shutdown our Blackberry server for good.
Good Luck!
I'm not an exchange admin, but I think its either lies or stupidity
Exchange for android has the same remote wiping capabilities as the iphone I believe. Some companies are concerned about this enterprise functionality in case the user loses their personal phone.
Anyways, an exchange admin has to permit you to use a cell phone, unless they have it wide open. If you can get them to enable it for "iphone" it should also work for android.
you can even log into owa and wipe the phone remotely yourself if you want.
it does identify the type of phone you have though, so they will be able to tell you are not using an iphone.
there might be some reasoning behind them blocking android I am curious
Exchange Is Doable Even On 2.1
I currently have a Droid X. I exchanged it from a Droid 2 because I wanted the bigger screen and more SD memory. In any case, my company uses a hosted Exchange provider. Since I'm the lead System Admin, they had to give me an account that allows for Exchange to work with my Droid. Hell, most of the Senior IT Managers are already using the Incredible.
The bottom line is that the Exchange administrator can allow for a phone to access, just the same way as OWA works for remote users. Since mine is hosted, it cost the company $5 to give me an account allotment. However, if her Exchange server is in-house, then they should be able to provide access for her without any cost. Droid works fine with Exchange. I heard rumours that one of the delays for giving us X users the 2.2 update had something to do with Exchange - maybe they're trying to include Active Sync. However, my phone syncs fine already without Active Sync. So any statement that Droids and Exchange don't get along is a blatant lie or a sorry excuse - and that's coming from a total Noob.
I'd guess that perhaps her company is using a self signed certificate. In earlier versions (dont remember exactly which) of Android there was no "accept all certificates" option and a self signed cert would "fail" auth and not work. In at least 2.1 forward there is now an option for that. I used to have to use touchdown for this exact reason.
/my experience = network/system/exchange administrator.
Unless they explicitly blocked Android with isa or similar then they simply don't know what they are talking about.
Edit: it wasnt until 2.0 that this feature was added to stock email app. I am willing to bet money this is/was the issue.
Deyez said:
https://mail.company.com
mail.company.com = mail server
company.com = domain
Click to expand...
Click to collapse
That's not necessarily true. Mail server, yes but domain no. I would ask them the domain too as they could have named it anything they want (of course other easyways to find it too, but by the sounds of it they aren't saying they wouldn't let her just that it "won't work" which isn't true, so just have her ask.)
It could be that it is because the phone is still on 2.1 which isn't fully supported by exchange.
I actually hate the name "droid" because some people use it for all android phones and others for the Motorola android phones. My mom calls them all Droids and maybe the IT department says that because to them the Droid wasn't supported which had 2.1 and they just don't know the difference or anything about android 2.2
If they can see what type of phone it is then telling them it is an iPhone and then activating a Droid would probably piss them off and she doesn't want to do that.
Android 2.01 and above supported exchange. I believe 2.01 had some issues with self-signed certificates (I had a Droid 1 and took it back largely because of this ... I have a self-signed Exchange server and I had issues with attachments - but mail & contacts came through fine).
2.1 Improved exchange support and 2.2 is supposed to be even better (I've Froyo'd my X and haven't noticed any difference in my exchange experience)
How did you froyo your x???!!! Its not out yet on verizon.
Sent from my DROIDX using XDA App
avirnig said:
How did you froyo your x???!!! Its not out yet on verizon.
Sent from my DROIDX using XDA App
Click to expand...
Click to collapse
Leak has been out for a while. Heck, the second leak just popped up over the weekend.
See original thread here:
http://forum.xda-developers.com/showthread.php?t=758907
I am trying to find her external email server address with no luck. The webmail address she has only works when she is connected to her VPN. When she is outside of the VPN that owa address doesn't work in any browser. So how can I find the external webserver address only knowing the email address?
Sounds to me like owa is turned on but not accessible outside of your companies firewall. If that's the case you are probably out of luck.
Sent from my DROIDX using XDA App
The company had people with iPhones so it can't be entirely turned off. I think that they have an internal webmail address which would require the VPN and then an external webmail address which would work for phones.
Android pre 2.2 did not fully support all of the exchange security features so its not really a "lie" per say.
We use encryption and remote device wipe and all the security featuers to "lock down" our devices if they are lost / stolen because they could contain PHI.
If you have any phone with Android 2.2+ it should integrate seamlessly with exchange now so there is no reason to not allow the devices on the network unless they just made their own company policy saying so.
I'm not an iphone expert by any means, but I think iphones (pre-ios4.0) use some kind of enterprise sever like blackberry.
That server may be outside the firewall.
Sent from my DROIDX using XDA App