Can anyone suggest what I should look at to solve this?
Running HTC standard WM 6.0 -- CommMgr says that DirectPush is "on" but the only way I can get my MS Exchange email is to manually click "send/receive" for this account. I have 5 other email accounts all of which download per my settings, but MS Exchange does not? I'm baffled as to where to look to correct this.
Thanks!
did you open ActiveSync (A.S.) on your phone to see if there are any error messages? also, while in A.S., you should confirm that the sync "Schedule" has not changed to manual... and lastly, check with your Exchange Admin to confirm no changes occurred on the server side.
I once experienced that the SSL sertificate that was used to secure the communication with the server had expired on date. This caused push to stop working. There was a remark about this when I opened ActiveSync.
pananza said:
I once experienced that the SSL sertificate that was used to secure the communication with the server had expired on date. This caused push to stop working. There was a remark about this when I opened ActiveSync.
Click to expand...
Click to collapse
Where did you find a replacement certificate? I've had that msg but was unable to figure out where to find the updated certificate. Thanks.
brucewilsonpa said:
Where did you find a replacement certificate? I've had that msg but was unable to figure out where to find the updated certificate. Thanks.
Click to expand...
Click to collapse
You need to have your exchange administrator install a new and valid certificate. Not much you can do. If your exchange server is using a self-issued SSL sertificate you can use the Enroll Certificate function in Active Sync on your PC to install the issuer (most often domain controller) as a trustet root certificate.
brucewilsonpa said:
Where did you find a replacement certificate? I've had that msg but was unable to figure out where to find the updated certificate. Thanks.
Click to expand...
Click to collapse
if your company uses OWA, e.g., Outlook Web Access, you should be able to export the certificate from IE. I've done this before; the trick is to know which certificate is used to authenticate your access to the email server.
Related
All need some help. I'm trying to utilize the Push Mail technology. I have set up to sync with an exchange server correctly, however within our company we use certificates to authenticate. So I expported my certificate and imported it into my 8125. When I go to look at my certs in my 8125 I see that it imported successfully. Now when I try to sync it asks for the password and it comes back with an error code of 0x85030028 (cannot obtain a valid cert). Now if I use my PIE and go to the OWA which utilizes the cert as well it sees it and authenticates just fine. For some reason activesync isn't seeing it. Any ideas how to fix?
Geno
From what I know, you can't use certificates with Push email. You have to setup a new virtual site on the server running OWA called it Exchange-PPC or something and have it set for Intergrated Authentication, then you would configure your device to hit the new site like http://www.site.com/exchange/username or something like that.
There's a little more than just setting up the site, some registry changes, check Microsofts site for the error number, you'll find a KB document explaining how to setup the Virtual Site for syncing with your device.
I have an O2 XDA mini S.
I have spent about 12 hours trying to configure it, and am having a complete nightmare. Am completly stuck and hoping someone can help me.
I have put in all the settings on the XDA and told it to sync with our exchange server. The device connects and you can see it syncronising eg Calander 6/6, emails 60/60.
So it all looks like it is working I then go into my outlook email folder on the device and all my folders are there but they're all empty. I have altered the syncronisation options so it syncronise all my folders for the last 3 days, but still nothing.
Strangely if I create a calander appointment on the XDA it does get syncronised back to the calendar on the exchange server. The same if I send an e-mail, the e-mail does get sent and ends up on my exchange servers sent items.
So basically anything created on the XDA gets synced back to the exchange server, but anything created on the exchange server does not get synced across to the XDA. Even though when you connect it looks like it does.
We are using Exchange 2003 SP2, and ActiveSync Version 4.1.
Any help would be very much appreciated as we have bought 5 of these XDA's for all the top brass at my company and they are breathing down my neck asking when they are going to be set up.
Hi,
I'm sure you have already checked, but are the folders set to synchronise within Outlook on the device.
Menu/Tools/Manage Folders and put a cross in the appropriate boxes.
Apologies if you had already done this.
Regards,
White.
Thanks for the reply and yes I have already done that.
To clarify some of my earlier statements I am trying to do this wirelessly using GPRS, but to rule out any firewall problems (we use ISA 2004), I have plugged the device into my PC using a USB connection I have then changed the server address to the local address and the same thing happens.
The only slightly odd thing I'm doing is using an HTTP connection as I can't get the certificates to be accepted on the device for an HTTPS connection.
Duplicate post deleted,
Sorry.
Regards,
White.
Try this link
http://www.msexchange.org/tutorials...ng-Part1-Microsoft-DirectPush-technology.html
for me it works fine so I will try to help... but lets try the link first.
Have checked through our configuration with regard to the above link and everything is fine.
I just don't understand as the XDA appears to connect okay, and seem to be uploading from the server, it can also send things back to the server. It just doesn't actually recive anything.
It's so frustrating eg it will say reciving 0/61 e-mails it will then go to 61/61, eg like it has dowloaded them, but when you look nothing is there. It must be talking to the server though as it knows how many e-mails there are.
Not much help here..............
..............but I gave up with our exchange server !! 8-(
I, too, couldn't get past the certificate error.
Really pi**es me off !! Yet I can lie in bed @ home and VPN onto the server desktop via my XDA and my home WiFi switch/router and read my emails via the server's IE via the company intranet.....<shrug>
I HATE MS sooooooooooooooooo much !!
Enough redundant posting already !!
I agree
I agree it's crazy about the certificates, it's just bizarre that it doesn't give you the option to accept the certificate anyway. As I'm stuck with using HTTP now which is obviously not very secure. Well I would be stuck using HTTP if I could get it to work, but as posted before it just doesn't.
So stuck with dowloading my e-mails using IMAP, and syncing my calandar using a usb cable, which is not ideal.
Anyway once again any insight or help would be great.
http://support.microsoft.com/kb/817379/en-us
Method 2 is what I've had to do to my exchange server to get anything working.
Thanks
Have already made the changes discussed in the article, as before I did that it was erroring out, now it appears to dowload the e-mails but nothing happens.
Thanks for the tip!
I needed this info!
Further info............
....................O2 have told me via dataservices support there is a problem with self-certification - This has come from Microsoft who have said there is an issue.
O2 and MS are working on a fix but no timeframe as yet - a number of users have reported the issue.
Third party certificates are OK apparently - I have tracked down a free source - www.cacert.org but whilst i have got a personal email certificate for my PC I can't get throught the documentation to obtain a certificate for the Exchange server at work. This is because, I think, we don't have a domain that's linked to it - we just VPN to an IP address......if anyone can help work out how to submit a valid certificate request, I'd be very grateful
Further info............
....................O2 have told me via dataservices support there is a problem with self-certification - This has come from Microsoft who have said there is an issue.
o2 and MS are working on a fix but no timeframe as yet - a number of users have reported the issue.
Third party certificates are OK apparently - I have tracked down a free source - www.cacert.org but whilst i have got a personal email certificate for my PC I can't get throught the documentation to obtain a certificate for the Exchange server at work. This is because, I think, we don't have a domain that's linked to it - we just VPN to an IP address......if anyone can help work out how to submit a valid certificate request, I'd be very grateful
so you are unable to set up the sync between your O2 and the exchange server? or you cant get the HTTPS to work at all?
my colleague is using a QTEK9100 and he managed to get the push mail to work. the sync with exchange server seems to be working. he couldnt get it work before this because exchange server need to have HTTPS enable, so we endup getting a digital cert from a vendor.
so now he is happily getting email push to his qtek. and sync works fine as well. i am yet to get my unit so i cant say much about the setting need to be done but there must be something missing here.
Hi.
I have Exchange 2k3 SP2 using my own certificates, an XDA Mini and XDA Exec with O2 GPRS all using push email fine. No issues with O2, Exchange, Microsoft or anything - it just works!
The only thing I did need to do on the XDA's was to import a copy of my Certificate Servers root certificate.
Have been using this with Exchange push for a couple of weeks and before then used the same setup with XDA IIi's using Exchange Activesync.
Merlin
Hi.
I have Exchange 2k3 SP2 using my own certificates, an XDA Mini and XDA Exec with O2 GPRS all using push email fine. No issues with O2, Exchange, Microsoft or anything - it just works!
The only thing I did need to do on the XDA's was to import a copy of my Certificate Servers root certificate.
Have been using this with Exchange push for a couple of weeks and before then used the same setup with XDA IIi's using Exchange Activesync.
Merlin
Lucky You, RB............
.............I, too have imported the server certificate but neither I nor O2 could get it to install on mine or their machines.....that's when they told me about the issue..................
It's a valid certificate cos our server works as it should !
The real crazy thing is, I can VPN to our server using my XDA via my home WiFi router, see the server desktop via mstsc and open my exchange mailbox using the company intranet in IE - all on my XDA in my bed !!!
Security ?!!? Pah!!!!
Hi
Which certificate have you imported, the certificate on the exchange server or the ROOT certificate from your Cert Server?
You need the ROOT CERTIFICATE not the Exchange Web Server certificate
Merlin
We're running...........
........SBS 2003 SP2 with Exchange Server
The certificate is the only one we have for the server as a whole.............
If you click on the certificate and look at the certification path tag, what does it say...(Can you post a screen shot of it?)
I have searched and searched for an answer to this problem and have not been able to find anything. Hopefully someone here has run into this before and might have an idea or solutuion. Her is my problem.
I have two exchange servers (2003 SP2) on of which is a front end server handling OWA and OMA. We sync about 18 Windows Mobile 6.1 devices over the air using OMA. We are using SSL. All of our devices have random problems connecting to the server. They will sync fine most of the time but will randomly for no particular reason ask the user for their exchange password. We are not enforcing any password policies on the server and we are always checking the box to save the password. In order to get the device synching again the user has to re-enter their password multiple times and often has to kill and restart activesync on their device.
Any ideas as to what might be causing this?
Any help would be much appreciated.
You could try unchecking the box in Activesync on the phone that requires SSL. We use SSL as well, but we have to uncheck that box on the phone. Although our problem is that the phone never syncs when its checked as opposed to your problem of randomly not syncing and asking for a password.
Unfortunately that is not an option. Our SSL is required for authentication. It will not connect without it. It seems like what is happening is that the device is not always passing the credentials to the server. Usually when it asks me for the password I enter the password once making sure I check the Save Password box then when it asks me the second time I hit cancel. ActiveSync then gives me a could not authenticate error. Now if I just hit Sync again it goes through and works just fine without asking for the password. So my guess is that it is not passing the credentials until after the connection is reinitialized.
From what I understand, Push Email relies on the OMA functionality which uses IIS. The problem my lie there. Although I've never tried, you may have to uninstall/reinstall (or confirm) that the OMA part of Exchange is functioning correctly. Sorry I can't be of more help.
Do the log files on the server show anything when a phone can't log in?
No, the exchange logs don't show much. I almost think it might be something with the device configuration. At this point I just don't know. We will be migrating to Exchange 2007 sometime in the next few months. Hopefully that will resolve the problem permanently. I was just hoping maybe by some chance someone here had seen this problem before. Thanks a bunch for your help.
Is the FE server doing the authentication (NTLM) or is there an ISA server in the way configured with Forms Based Authentication? You should make sure the IIS virtual directory for OMA is set only for Basic Auth - and the following article might be worth a read.... http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1188440,00.html
Hope that helps - good luck!!
Mark.
^^^What he said. Took the words right out of my mouth. You'll still be secured through the SSL certificate, even though you're doing "basic auth" you aren't exactly sending your password as clear text. Requiring SSL on the OMA site will automatically encrypt the connection so you have no need to worry.
Try it out and get back in here. I manage a site with about 50 WM 6.1 Black Jack II's that sync with Exchange 2007 with no issues whatsoever. Also verify that you have all your hotfixes related to OMA installed on your Exchange 2003 server.
Trying to set up ActiveSync on my Telus P4000 (Titan), although the issue should be the same with an WM6.1 phone...
I can't for the life of my figure the right server settings to enter in the Configure Server section, and I have yet to find a definitive "this is how you do it" procedure for it. As near as I've been able to glean, for the "Server address" section, you give it JUST the domain name of the Exchange server, without an http:// or a /exchange or /oma or anything... correct so far? But the catch in my particular instance is that Exchange web access is on port 8080, rather than 80 or 433.
I've tried adding a :8080 to the server address, I've tried adding the http:// and/or https://, I've tried adding the /oma and /exchange to the end, and all combinations of the above, with no luck... when I go back into the settings, it's reverted to JUST the domain name. Is there somewhere else I can tell it to use a non-standard port? Registry key, maybe?
I'm not sure it works with other ports than 80 (HTTP) and 443 (HTTPS).
You just need to put your external A record in the server value.
Try using standard ports first to be sure everything is working, then switch.
Okay, well I managed to get rid of the "Cannot reach server" messages by switching back to "require SLL", and as it turns out, the server wasn't set up for SSL (it is now). So now I'm connecting, but getting certificate errors. At least I've found plenty of info about solving that issue, so on to the next step...
Soundy106 said:
Okay, well I managed to get rid of the "Cannot reach server" messages by switching back to "require SLL", and as it turns out, the server wasn't set up for SSL (it is now). So now I'm connecting, but getting certificate errors. At least I've found plenty of info about solving that issue, so on to the next step...
Click to expand...
Click to collapse
You will probabby have to install a certificate on the phone to be able to communicate with the exchange server. At least i had to...
playerkiller said:
I'm not sure it works with other ports than 80 (HTTP) and 443 (HTTPS).
You just need to put your external A record in the server value.
Try using standard ports first to be sure everything is working, then switch.
Click to expand...
Click to collapse
I've searched everywhere for info on using non-standard ports for activesync, and I haven't found anything, and I couldn't get it to work.
jeen said:
You will probabby have to install a certificate on the phone to be able to communicate with the exchange server. At least i had to...
Click to expand...
Click to collapse
Yeah, did that... still not helping
Go to first new post ActiveSync config for Exchange
Exchange ActiveSync cannot access the server if SSL is set to be required. For
information about how to correctly configure Exchange virtual directory
jeen is right. Unless the certificate is issued form a Trusted Certificate Authority, you will need to import the issuing CA in the Root Certification Authority store of your Phone.
If it's a self signed cert, just export it from exchange server (without Private key) and copy it to your phone. Then, double click it from File Manager. This should be enough.
^Yeah, I did that right off the top (see my reply to jeen). Still no joy.
Perhaps Tendulkar can finish his thought...
To disable SSL requirements for Activesync service is very easy:
Win2003 (IIS6.0)
Open IIS on your cas, expand the Default Website (or the website where ASVritualDir resides) right click on Microsoft-Server-ActiveSync and choose properties.
Go to the tab Directory Security, choose EDIT under Secure Communication.
Remove flag from Require Secure Channel.
Obvsiulsy Click ok.
Win2008 (IIS7)
Open IISManager.
Navigate through site, default website, hilight Microsoft-Server-ActiveSync.
Make sure you have the features view selected (should be by default).
Choose SSL Settings.
Unflag "Remove SSL".
Obviusly click Accept.
playerkiller said:
To disable SSL requirements for Activesync service is very easy:
Win2003 (IIS6.0)
Open IIS on your cas, expand the Default Website (or the website where ASVritualDir resides) right click on Microsoft-Server-ActiveSync and choose properties.
Go to the tab Directory Security, choose EDIT under Secure Communication.
Remove flag from Require Secure Channel.
Obvsiulsy Click ok.
Click to expand...
Click to collapse
Hmmm... "require SSL" was already un-checked. I've re-checked it, let's see what happens with that.
OK lemme know.
make sure you have the same root certificate installed also. you have to trust the same certificate authority as the certificate that you have on your exchange server.
Did anyone find solution
I am having same problem. Certificate installed and tried all connection settings that can find on internet. Cannot get ActiveSync to syn with my server (same certificate error, but hosting company states tested with WM6.1 that all is working fine on their end) and also cannot get Windows Live Messenger to work, states there's a connectivity problem. Funny thing is MMS, surfing net with IE, and Google Maps with GPRS work fine. Only Microsoft network products are not working. My phone is Palm Treo Pro with WM6.1 Professional. Vodaphone version but bought in China and have since added A4 Chinese text editor, which I think could be problem, but need to hard reset phone to check. Any ideas? Better yet, any solutions?
One tip for getting this working in my case (same certificate errors) was that I had to get the certificate off the internally facing OWA server, rather than the externally facing version. Although they're both the same server, the external one goes through an IAS box which seems to be presenting its own certificate rather than the one on the exchange server. Don't ask me - I don't run the system.
As soon as I add the Internal version of the cert, Exchange, OTA Sync and ActiveSync spring into life.
Hey first post! loving the forum by the way. and the HD2 phone. I already have my personal email with pop set up.
Just wanting to set up my exchnage account from work.
It has a self signed cert and i connect to the exchange via HTTP.
Ive saved the .cer file to the memory stick but i dont know what to do with it. Any advice appriciated.
Right, clicking on the cert and installing, Going to the certificates setting, its been placed in the "intermediate" catorgory. To get active sync and outlook working....Now what?
just click it, also, make sure you have trusted the certificate authority from your work, not just the exchange servers cert as it has no way of working out who made the cert...
I have the trusted certificate, when i "just click it" it opens with the detials of the cert... I will try alittle more today but i was assuming there must be an option to set a http proxy like in outlook.