Related
My company runs an exchange server that i can connect to via SLL on the web. However, I always got an invalid certificate message. On 2003 devices on ran certchk and i could synschronize my mail, calender and contacts.
Now - with my JJ - i can not get to my mail anymore because of this invalid certificate. I does not help to download the certificate to my device, since it is invalid.
Is there any reg hack, apps or whatever i can use to overcome this?
Thx
Ronaldovic,
Try exporting the root certificate from the Certificate Authority in "DER" format, copy it to the JJ and run it. This should work as the JJ is not certificate locked.
Ferg.
I did - and when i look in settings-certificates - it shows in the list of certificate but with an enddate of somewhere in 2003 (so it is not valid).
Again, with certchk in 2003 devices it all worked flawlessly.
Are the certificates still be the problem now? Or is it something else?
When i sync, i get an error: 0x80072F17
Ah sorry, I read your mail but didn't really read it and assumed I knew what you were saying.
If you can get a reg editor for the JJ (I use something called "Mobile Registry Editor" which is a PC-based app and works through ActiveSync), change DWORD Value under HKCU\Software\Microsoft\Activesync\Partners\[Secure] to 0 I gather this will do it.
On the point of the certi though, can you not get the CA to issue a new certificate to the Exch box? When connecting through SSL, ActiveSync doesn;t give you a "Yeah connect, I don't care!" dialog box as OWA does.
Ferg.
got a good reg editor, but can not find the last [secure] part...what do u mean by that? For example below ..\partners i see two entries(default) and (ServerNameChanged). and two directories with strange numbers.
About the certificate thing...if i understand u correctly i will never connect if i do not have a valid certificate?
I appreciate the help!!
YEAH!!! Great, got it working, thx to u!
I just love this forum.
Glad to hear it!
I am back....
The sync goes ok now, but every time i send a new mail, it gets send twice. In my outbox on the JJ there is one email, when i receive i see two coming in (exactly the same)
Any1?
i can get it to look like its working by turning off ssl. e.g. it says sycing 20/20 emails. However when i go to messages there are none there! Similarily contacts, tasks and calendar items appear to be syncing in active sync, but they just dont show up!
Hi,
I have run into the same problem.
Used the tips on changing the registry (for which I really thank you!!!).
However, it seemed working until I realize that my Treo 700w keeps asking for the password. No matter how many times I enter my password correctly, it just keeps asking the password over and over again. It does not save my password even if I select "save password" option.
Have you run into this problem and found any workaround?
Thanks in advance. Bo.
Boryu,
Remove and re-add the server source.
I've had this a few times and it's well annoying! This seems to do the trick though.
Ferg.
same issue
i have the same issue,
i used registry editor but its not allowing me to add the reg key!!
am i doing something wrong,, and were do i add the Secure Dword?
Why don't you just renew the certificate? Just right click the website folder within IIS 6.0 and select Properties. There is a security tab (Directory Security?) within which you can renew an existing certificate.
I had the same problem getting push email to work, and renewing the certificate fixed the problem.
Why don't you just renew the certificate? Just right click the website folder within IIS 6.0 and select Properties. There is a security tab (Directory Security?) within which you can renew an existing certificate.
I had the same problem getting push email to work, and renewing the certificate fixed the problem.
ronaldovic said:
got a good reg editor, but can not find the last [secure] part...what do u mean by that? For example below ..\partners i see two entries(default) and (ServerNameChanged). and two directories with strange numbers.
About the certificate thing...if i understand u correctly i will never connect if i do not have a valid certificate?
I appreciate the help!!
Click to expand...
Click to collapse
Hi i see exactly the same, but wich value do i have to change ??
please help
thanks in advance
I try to get my mails pushed to my TyTN. Thus I enabled the appropriate services on my Exchange 2003 SP2 server, set the user permissioning and so on. I generated an P12 cert with my CA and imported it using p12import.exe on my tytn. I also installed .cer for the domain and for the CA on the mobile device. Thus I was able to sync and push. Now I am facing the following issue:
After successfully syncronizing and pushing for some hours, I regularely get an 0x85030027. Checking my certificate I can see that my p12 is gone. After reimporting it using p12import, i can change the server settings the following way to force an "reinitialisation" of the link between user settings and cert: I delete the "m" in "blabla.dynaccess.com", go forward to login information - the password is gone then - go back to the server, add the "m", go forward adding the password. Sometimes I am than able to sync again, sometimes I get an 0x85010004. In the latter case I must delete the whole server setting - loosing all my mails - and have set it once again.
Dealing with this issue now for several days and beeing unable to find any description or solution in this forum and the web, I kindly ask for any idea which could be considered beeing helpful...
PS.: Sorry for my English - it is not my native tongue ;-)
I use CACert certificate for my email and have imported it using smartphoneaddcert utiltity from Micro$oft.
Copy your certificate into \Storage\root.cer (has to be named like this) and run SPAddCert.exe, hopefully that should work
thanks for the immediate answer. i already installed my root-certificate with no probs. The issue I have is related to the individual cert for the device, generated and signed by my ca, which is trusted by the tytn. This individual one disappears after some syncs?!
I don't experience the same problem ...
I think your method is ok (Jacco in DDSL.NL) have a nice tools to import personal certificate to device...
You may also look : http://www.httpsync.net
Cheers
André
Now I can describe the problem more precise: the personal certificate disappears after every soft reset?!
I have the exact same problem !!!!
When you do a soft reset the personal Certificate disappears.
I can reimport it directly, but I need to hook it up to a PC in order to validate the Certificate.
Is there no other way. This is really annoying when i'm on a trip, and I have to soft reset the device.
Does anyone know hpw this can be done differently.
Thanks
Micman
I'm rather surprised not to have seen third party support step up to fill in Activesync's worthless inability to sync over wifi or wlan. It would be very nice to revive this forgotten feature. Don't you people remember the uproar it caused when MS removed it?
Anyhow, I'm almost certain there's a work-around. Has anyone seen or heard anything in development?
Why revive this feature?
1. For the sheer convenience of not having to go through exchange servers or third party services especially when they may not be available to you
2. To sync user specific software that's otherwise not syncable OTA
3. Greater freedom share files over a wlan/wifi connection especially with these new and faster broadband networks (ev-do, etc)
4. Not to have to make special trips to your workstation just to sync..
I've found a workaround - sorry it's in German - here:
http://www.mypocketpc.ch/Workshops/15899.aspx
But it seems that since ActiveSync 4.5 you need to configure a DOMAIN on the pocketPC, not only login and password.
Does anybody know how to set something like a "pseudo domain" or if the PC has a "default domain", if no domain is set?
I will try to translate the workaround now:
In earlier versions of ActiveSync WLAN Sync was possible (last known version 3.8), since version 4.x it was removed..
You can do a remote WLAN Sync as followed:
Start ActiveSync on the PocketPC. Go to Options > Server OR Configure Server [depends on your ActiveSync Version]
Enter the IP of the Windows PC. [if you don't know do: Start > Run > cmd > ipconfig /all ]
Enter Login and Password which are the same as on your Windows PC. [SSL I think should be deactivated]
IN v4.5 YOU HAVE A PROBLEM HERE: if you don't enter a DOMAIN, the configuration wizard doesn't continue IF YOU HAVE LOWER VERSION PLEASE TELL WHETHER YOU HAVE TO SPECIFY A DOMAIN
Click Next > Next > Finished.
Now you can MAYBE [see the DOMAIN problem] sync via WLAN again..
If anyone has an idea how to workaround the MUST-SPECIFY-A-DOMAIN problem please tell, I think I am not the only one who wants WLAN Sync back!
I think you need an exchange server for sync over wifi or gprs.
NO and YES!
YES: Microsoft WANTS that you use an Exchange Server, therefore they have removed support for syncing via WLAN since v4.x
NO: The posted workaround doesn't need an Exchange Server running!! Instead you are "simulating" that you have one. Earlier this Workaround seem to have worked, but since ActiveSync v4.5 it seems you NEED to specify a DOMAIN of your PC.. maybe just another hurd only!
So, the problem again: since you need to specify a DOMAIN of your PC now, is there a possibility to workaround this? Maybe via Registry or setting up a "Pseudo Domain" ? This MUST-HAVE-SPECIFIED-A-DOMAIN seems now to be the only problem, unfortunately you cannot leave the domain field empty.. but the Handheld tries to connect the PC via WLAN (...WOW! Just one step away from the Solution!!?...), but that fails due the DOMAIN problem.. (most PC are only in a workgroup, and not in a domain..)
Maybe we are only one step away from a working solution!
I think only the wizard is changed by MS so that when no
domain is entered you cannot go forward.
ActiveSync can be configured with Configuration Service Provider (CSP)
through XML file.
Infos here: http://msdn2.microsoft.com/en-us/library/aa456215.aspx
I will try this tomorrow with a configuration without domain and let you know
if it works.
Houser
You said it - the setup wizard seems to be the only hurd.
Hey, great idea. Where to find this config file?
I searched for it on PC and PPC, but found only binary files..
Hope you have success!
Here are the maybe suitable Registry Settings for ActiveSync setup, I will try this way:
http://msdn2.microsoft.com/En-US/library/aa457989.aspx
Here is a tool I have written to configure ActiveSync Settings
without ActiveSync wizard.
You can test it if you want.
Houser
Thx. I launched your tool and entered IP + Login + Pass, activated e.g. Tasks to synchronize, and deactivated SSL, and clicked Save.
Then I launched ActiveSync on the PPC (Trinity HTC P3600).. now there comes a screen:
Microsoft Exchange:
Result: Your account information could not be detected. Choose configure Server on the ActiveSync menu to check your Exchange Server credentials.
Support Code is: 0x85002009
Hmmm maybe because the domain entry is left empty?
What happens if you enter some characters for the domain?
Houser
If I enter a domain it tries longer to sync on the PPC - instead throwing at once the message above - the circling arrows animates for 3 seconds, then it ends ups with:
Waiting for network..
Hm, maybe the ActiveSync software on the PPC checks for the domain entry But.. maybe this check can be removed
Where is the configuration saved? To a file (which one) or to registry (which branch)?
I do not know where the config is saved. In WM2003 it was in the registry
but in WM5 that was removed and stored in some internal database
I think.
Houser
As you speak German, maybe this could be a workaround for the domain problem:
http://www.weyo.de/board/?n=320745&bn=21
I mean, maybe it's possible to enter a Pseudo Domain in the Registry on the PPC under
HKEY_LOCAL_MACHINE\\\\Comm\\\\Tcpip\\\\Hosts\\\\
And entering this Pseudo Domain as Domain in the ActiveSync Setup..
But what to enter in the Registry? The branch is currently empty, so no example exists
Hm, here's how to enter the information:
http://support.microsoft.com/kb/q199370/
ActiveSync uses the domain only for authentication.
The server name (DNS name) or IP is used for the connection.
In the registry you can enter Host names with IP adresses
that has nothing to do with domain name.
ActiveSync uses HTTP oder HTTPS (TCP/IP port 80 or 443) when
you configure a server in ActiveSync.
ActiveSync on your deskstop PC does not listen on this TCP ports
so you cannot connect.
Houser
Hm, any other idea? How crazy whatever..
Today not maybe tomorrow.
Houser
Houser said:
ActiveSync uses the domain only for authentication.
The server name (DNS name) or IP is used for the connection.
In the registry you can enter Host names with IP adresses
that has nothing to do with domain name.
ActiveSync uses HTTP oder HTTPS (TCP/IP port 80 or 443) when
you configure a server in ActiveSync.
ActiveSync on your deskstop PC does not listen on this TCP ports
so you cannot connect.
Houser
Click to expand...
Click to collapse
So what you are saying is, that there is no way to sync over wifi unless you have an exchange server?
freeyayo50 said:
So what you are saying is, that there is no way to sync over wifi unless you have an exchange server?
Click to expand...
Click to collapse
Yes this is the only way I have done it so far.
But may be there is another solution out there to do this
with Outlook on your desktop but I currently do not know
how that can work.
I will do some tests today and let you know about the results.
Houser
I did al the same and no results...
A followed all the steps for my ipaq 9610 as well and get same (no) results.
Maybe anyone a new idea?
Hi,
I have a strange problem with the config of Outlook on my Windows Mobile 6.5 which I hope someone might be able to offer some help with. This is on a HTC HD2 with standard ROM, v 1.48.405.2 (71294) WWE.
I have configured it to connect with our work Exchange Server, and all is well, except for the "from" email address. On our exchange server I have several smtp email addresses associated with my account, for example:
[email protected] ; [email protected] ; [email protected] (a total of 5).
My main address is [email protected], but for some reason when I go to send an email from my mobile device the from address is [email protected], and I cannot find any way to change this.
I checked the device registry and found an entry:
HKEY_CURRENT_USER\Software\Microsoft\ActiveSync\Partners\{xxxx}\EmailAddresses
The contents of this entry showed all my smtp addresses, and had my main address as the final entry, and [email protected] as the first entry. So, I thought it's worth a try to swap them around - I did this, and did a soft reset, but the problem still persists.
Has anyone any suggestions ? Any help appreciated.
(Hope I explained this clearly).
Regards, Jon.
Resolved - using correct default smtp address now
Managed to resolve this, in case anyone is curious / has similar problems. I cannot be 100% sure which action resulted in it working, but I did the following:
- had our IT admin delete then re-add the smtp email addresses to my account, ensuring correct one was marked as default / primary
- deleted the Outlook account from my HD2.
- Created the Outlook account as new on my HD2 (I did this on the phone itself whereas last time I created using Windows Mobile Device Center)
It picked up the correct default email address immediately, and checking registry (location in original post), only the default email address is shown now. Previously all smtp email addresses were listed.
I am suspicious of creating the Outlook account in Windows Mobile Device Center as causing the problem in the first place - my Exchange Server account was previously working fine with a Touch Pro. But cannot be 100% sure without going back and retrying, which as I have it working, I am not going to do at the moment.
Anyway, I shall stop replying / talking to myself now.
Jon.
I have the same problem..
How is it possible to change the adress which you want to use for sending the email?
My Exchange pushes all incoming Emails I receive from different accounts, but sometimes it would be fine to answer with the right Email account.. But I found no solution yet..
Any news from your side jh9957?
Thanks and Regards,
MS
Hi @ll,
we have a bad problem with our HTC mini clients after active sync settings was change for a couple of hours to personal client certificate. Normally and this settings was change back to our exchange server, the mobile clients sync with basic authentication domain username, domain password and domain name + server adress like the exchange owa: for example: https://webmail.domain.com.
Problem what we know have is, that the mobile client couldn't go back to that basic settings. They coulnd't sync anymore. I can delet the mobile outlook account on the device and reconfigured it, it works. But by more than 250 devices is that a realy bad option. Is there a chance or function to delete a special file or something like a sync cache to get that fixed? thanks to all idears.
You don't tell what version of exchange server use.
If your organization use 2007/2010 Exchange servers it will be the best solution to configure autodiscover service.By the way you should already configured that solution.
After configure autodiscover(it should be running by default) and certificates users should only remove Exchanage sync and reconfigure with typing their user name and passwords.
The key point is to make autodiscover working properly.
What type of firewall you are using ?