Database Users

Solved: Howto connect PPC to network share on Samba server

I - like a few others, from searches I've done - have been pulling my hair out trying to figure out how to connect my Exec to a share on a Samba server. I could connect to an XP share without too much difficulty, with a bit of help from PocketLAN which is excellent.
However I just couldn't connect to Samba at all. Much googling later, the solution is to add the line:
use spnego = No
to my smb.conf. This has some security implications if your context involves untrusted users with lan access whom you don't want to be able to access the samba server (I think) but that's not a problem for me, or for the typical user with adsl and a wireless router using a private address range like 192.168.x.x (well, I'm not saying that's perfectly safe, but safe enough). And the flexibility of being able to listen to music on my exec that's on my samba server, is worth a small risk.
here's the article which finally showed me the answer:
http://cri.ch/linux/docs/sk0014.html
Hope this helps someone,
Matt S.
--- To aid searchers: smb cifs samba network share spnego map drive wifi --

Thank you, thank you, thank you.
I looked all over for this, and I have royally screwed my smb.conf file, but I restored my backup (I backed up halfway through) and now I am back in business. I'm running WM5 on the hTC Wizard (cingular 8125 incarnation) and this works like a charm!

i have always just typed
\\linuxts\**sharenamehere**
in file explorer and its worked fine
running fedora core 4

alex2cool67 said:
i have always just typed
\\linuxts\**sharenamehere**
in file explorer and its worked fine
running fedora core 4
Click to expand...
Click to collapse
Yea, this always has worked for me also. Didn't have to add anything to the conf file

A fix for Windows 2K3 servers file shares, can't map to them
Well based on that if you are having a problem with Windows 2K3 Domain controllers and shares try this;
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]
"requiresecuritysignature"=dword:00000000
Hopefully this will allow you to map to them now.

80072fd Push with SBS2003

My IT guys have been trying to get this push email thing working and it seems to be one difficulty after another and is not as simple as pressing "push email" in the connection icon....
Our latest error appears on my device with the above error code stating
"the security certificate on teh server is invalid. contact your exchange server administrator or ISP to install a valid certificate to the server".
I have read that I need to buy a public certificate from a public authority (CA) or similar such as Verizon or Thawte. Is this the case, or is there a simpler way to get this push email working using the existing configuration and setup of the server?
We use exchange SP2, with outlook 2003 all around. Internet based webmail works correctly with full access, and activesync via PC works perfectly, but push email encounters the above error.
Any suggestions.

are you sure it's 80072fd or 80072efd ?

I don't have a solution, but the problem is described in M$ knowledgebase article: 915438 - see attached Acrobat .PDF.
I had already tried the suggestion in KB915840 to import the certificate from my sbs2k3-domain, but this had failed with "cannot access the certificate" - even with them on the device. However, certificates from my clients' servers, both sbs2k and sbs2k3, import without problems. This happened both before and after o2's AKU2 ROM update - so AKU2 is not the problem. In addition, I spent Easter *totally* reinstalling sbs2k3 and tested it immediately afterwards. All the sbs2k3/Exch2k3-Sp2 boxes are fully patched. The certificate itself is correct/working, since it works for Outlook Web Access via the web with laptops and even the Exec (Universal).
Whilst sync'ing from the workstation via ActiveStink/USB, if you turn off the SSL requirement the sync suceeeds, but that's obviously not a working solution via the 'Net.
Update:
Just had a thought, and checked the various certificates in a hex-editor. The one from my sbs2k3 box is a completely different format. :? I'll see what I can find out.....

maybe not related, but here's a list of all ActiveSync Server Error Codes: http://blogs.flaphead.dns2go.com/archive/2005/11/21/3202.aspx

80072f0d
Sorry, the correct code is 80072f0d.
I know your pains astage, but there is no way we are pulling the box down and putting it back up again, our server hosts 30 + staff simultaneously and I cant take it down just to fix my one desire to have push email.
But I do find it painful and frustrating that microsoft do not adequately support their own platforms and systems dont integrate as they should and as they are promoted.
M$ sks.

Re: 80072f0d
simon_darley said:
....I know your pains astage, but there is no way we are pulling the box down and putting it back up again, our server hosts 30 + staff simultaneously and I cant take it down just to fix my one desire to have push email.....
Click to expand...
Click to collapse
I'm not sure if it was clear from my reply - too tired - but rebuilding the server did not help at all.
Yeh, the pains of rebuilding SBS and having it all configured and running correctly when the staff arrive in the morning is not something I do willingly - hence the use of the holiday. It was done only as a last ditch attempt to solve this and another problem that had Micro$oft totally stumped - not related.
There is a difference in the certificate formats, so that's where I'm concentrating my efforts now. Will let you know what I find.

80072f0d error - the fix!
Just spent the past hour kicking and calling myself an £$%&* idiot.:x
Anyway, to cut the story short, the problem *is* indeed the damn format of the SSL certificate exported by sbs2k3. For the WM5 device to import it, it needs to be in DER X509 format.
If you have imported it into your PC/laptop for OWA/OMA/RWW, then you can easily export it from IE's Internet Options into DER format.
From Internet Options:
- go to Content-tab
- click Certificates-button
- find and highlight your certificate - I had imported mine into Trusted Root Authorities
- click Export-button
- click Next on wizard page
- enable the "DER encoded binary X.509 (.CER)" radio-button, and click Next
- enter a suitable path & filename, e.g.: "myserver.cer"
- click Next, click Finish, click Ok.
- Now copy the certificate to your PDA via ActiveSync.
- Open File Explorer on the PDA,
- Find the certificate file and launch it.
- click Yes to import it and you're done!
I think the reason why my sbs2000 certificates worked was that I had installed Certificate Services on those boxes and exported those certificate from there. I don't understand why some of my client's sbs2003 certificates were in DER-format, and others weren't, but we are talking about Microsoft software, so what else should I expect......

msfp and 80072f0d
After testing a few different certificate variations, the engineers that maintain our servers was able to send me two alternative certificates, one or bother of them appear to ahve worked effective.
So it imported, and now my active sync works for receiving these emails, now I need to look at these heartbeat pings and find out how I set the periodic checking.
Just wondering, normally if you dial a gprs/3g connection, you pay once, and stay connected all day. Does this now mean that it connects, downloads, disconnects, then 5 minutes later reconnects, downloads, and disconnects, thus paying a much larger reconnect fee everytime?
I am playing with this as a new toy, but I can see the costs are going to go ballistic....

and... perhaps for all those that are already experienced here, how does one send an email that remote wipes the device?
is there a command, or a key word or something that makes the system realise the remote wipe command....
sorry, I know this is off the topic of my original post, but thought you might know.
if not, I can start a new topic....!!!
The certificates that I was given was a server.cer and a root.cer.
If anybody needs to know, I can ask the engineers how they did what they gave me to get it to work.

The remote wipe is done from the sbs2k3 box - or rather the box running Exchange2k3Sp2. Your admin needs to install a small tool that he (Domain Administrator credentials needed) then accesses via IE.
Microsoft has published a new white paper (Feb 2006) that describes the whole procedure - just a shame they missed the need for the certificate to be in DER format. The white paper is: "Deploying Windows Mobile 5.0 with Windows Small Business Server 2003".

owa access

I'm trying hard to like my x1, can anyone help?
Whenever I try to access OWA using either PIE or Opera I get a page cannot be displayed error. Anyone else seen this and got a solution? OWA works fine using my E90 S60 browser.
Thanks, Martyn.

Just tried it on Opera 9.5 build 15202 and it renders really nicely - pleasantly surprised!

Doesn't work in my Opera Mobile. Can't remember the build. It's the one with Manila favs from Itje's thread.
It works nice and is really fast (as always) in latest Opera Mini.

martynb said:
I'm trying hard to like my x1, can anyone help?
Whenever I try to access OWA using either PIE or Opera I get a page cannot be displayed error. Anyone else seen this and got a solution? OWA works fine using my E90 S60 browser.
Thanks, Martyn.
Click to expand...
Click to collapse
Try Opera Mini.

I'd not like to use Opera Mini for sensible sites
like OWA. It transmits logins over a proxy,i don't
think it's a good idea...
why don't you use Active Sync? You can sync it
manually and e.g. only for the last days. But for
the most it uses less traffic then visiting
the OWA site everyday...

Better yet, set up your push email. It keeps a HTTPS session alive. You just need to install the certificate on your PC to set up the sync, which you can get from OWA.

bedlam_au said:
Better yet, set up your push email. It keeps a HTTPS session alive. You just need to install the certificate on your PC to set up the sync, which you can get from OWA.
Click to expand...
Click to collapse
How?
Will it work without OMA (mobile access)? I don't think so. We don't have a frontend server to support ssl connection from mobile devices, and I'm pretty sure I've tried everything.
If you have a magic way to make it work I would really like to know.

I've been having the same problem...
...and I tried Activesync, but I get a 'certificate' error. I can't figure out how to get the certificate on my device.
I spent days searching the web for an answer... and I gave up after a while.

Oms said:
I've been having the same problem...
...and I tried Activesync, but I get a 'certificate' error. I can't figure out how to get the certificate on my device.
I spent days searching the web for an answer... and I gave up after a while.
Click to expand...
Click to collapse
If you have the .cer file, you just copy it to your device like any other file and run it from there. It should install. I had a few weird cert errors when trying to get mine to work but random poking and prodding seemed to get it up and running eventually.

maedox said:
How?
Will it work without OMA (mobile access)? I don't think so. We don't have a frontend server to support ssl connection from mobile devices, and I'm pretty sure I've tried everything.
If you have a magic way to make it work I would really like to know.
Click to expand...
Click to collapse
To be honest, I don't know, I'm not the exchange admin.
My company's fairly tightfisted when it comes to IT expenditure, so I'd be surprised if they forked out anything extra.
A cursory glance at MS's documentation implies that it shouldn't be necessary because as far as the exchange server is concerned, it can't tell the difference between WinMo's client and a regular web browser. I stand to be corrected by someone who actually knows what they're talking about.
Try installing the cert and setting up your server in Active Sync. It should just work.

I had problem in my work getting this working but after a clean install of OWA on our front end server everything worked properly. The only think needed on the X1 was to import the cer file if you going to use Exchange/Active Sync connection as someone has already suggested.
IE and Opera always worked it was just Active Sync which had problems.

I've just recently got an X1 and been trying furiously to get active sync to work. But as I don't have access to the exchange server at work, I've been trying to find out how to obtain a copy of the cert from my outlook.
Haven't been able to find anything, any suggestions would be much appreciated!

Grab the cert from the OWA website, cause it should be SSL encrypted. The browser shows the encryption with a small lock symbol. Click on it an get more information about the cert. When you opened it, open the cert for the CA shown on the last register. In there choose "save to file" and copy it to your phone.
On the phone open the cert with any file explorer, that will import it into the phone's cert store. From now your phone will trust your company internal CA.
This way is only useful, if your company uses self generated certs with an internal CA. You can see this, if your browser at home (the pc there has nothing to do with your company) show an cert warning, if you open the OWA website. If you really can't get acces to this site from the internet, forget all of the above

Brilliant! I'll give that a go when I get home! I'll let you know how I get on.
Thanks again mcfisch!

I just realised what I did wrong the first time. Under server, I put the wrong address didn't I. However, I've come across another problem, Where it asks for the login credentials, there' username, password and domain, what do I put under domain?

Its all sorted now! I can't believe I was being such a dumbass! I was over complicating things way too much!
Happy days!!!!!!!!

Citrix for Android - "You have not chosen to trust..."

I've installed the Citrix app and have an External Account created which allows me to connect to my work's Citrix farm. Whenever I try to run an application after logging in I am told that I haven't chosen to trust the certificate authority (Entrust.net). I was never given an option to choose to trust Entrust.net in the first place and all the error provides is an OK button that takes me back to the application list.
Is there something I can do on this stock, non-rooted, first generation T-Mobile MyTouch 3G phone to get this working? Why was this so poorly coded in the first place? One should be provided with the option to trust the certificate and the app should then try to download it or use it if the cert already exists on the device, etc, etc...

i would contact citrix, or the app dev if its someone else
seems like an app problem...

Can't access wifi hotspots because of Certificate Authority

I have searched high.. and I have searched LOW... and I can find no solution for this problem:
}{Alienz}{ said:
Well the thing is I tried several browsers.
1. The default one that comes with Android
2. Opera mini
3. DolphinHD
All same thing. I'm now going to test with a beta build of Firefox for android (fennero was it called I forget) but its SUCH a stupid thing to not work. Every other device WORKS. Blackberries, Iphones, tablets, laptops....everything.
EDIT: The EXACT error I get is:
"There is a problem with the security certificate for this site. This certificate is not from a trusted authority." I get this AS it attempts to load the redirect login page (both university and at work now). Same issue. It's browser/certificate related. And its ANNOYING as hell.
EDIT 2: Found the problem. It's that stupid certificate.
"This is a result of your corporation using an in house Certificate Authority to provide SSL encryption on your mail server and clients.
Basically....the computer that issued the certificate isn't trusted by the android phone. I'm new to android so I'm not sure if you can add a trusted CA (I haven't seen any options for it).
I don't know about future updates like the above poster mentioned.
Most companies will purchase a certificate from one of the major Certificate Authorities on the internet, which are pre-programed into most operating systems to be trusted. Internal CA's are trusted by the domain environment at your work, but not by anyone else. External (Internet) CA's are trusted by everyone.
if you want an example, open up IE (gross I know) and go to your options. Click the content tab, then there should be a button label certificates. inside the certificates window select Trusted Root Certification Authorities.
That is a list of all the builtin trusted CA's provided by Microsoft and the companies that govern the internet. "
I STILL have no idea how to fix it and to make the phone accept the certificate though.
EDIT 3: Fennec (Mozilla Firefox for Android beta) managed to pull up the login page for my work network. Not sure if it will work for the university yet.
Click to expand...
Click to collapse
I can't use firefox because the Galaxy 3 isn't supported. (Hence, why I'm asking in the Galaxy 3 section.)
But there MUST be a way to accept a simple TOS.
Maybe an AP? Or a script that can be written?
I've rooted my phone... Maybe I can find a way to add the McDonald's certificate?
HELP!

Oh come now..
Sixty views, somebody could at least take a JAB at it.

TeamRainless said:
Oh come now..
Sixty views, somebody could at least take a JAB at it.
Click to expand...
Click to collapse
Alright the hell with it... I'LL take a jab at it:
I can't load the McDonald's site because Android doesn't like their certificate. So all I should have to do is add the McDonald's certificate to the list of sites that Android accepts and it should be sugar in the gas tank right?
So where is this list held?