Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4852
  • Last Modified:

Active Sync with Verizon Wireless

I am trying to setup Active Synch between Exchnage 2003 and a verizon phone (Samsung 600) running 2003 Mobile.  I have OMA working but would like to get the up to date notifications working.  I spoke with Verizon and no one seemed to know how to set this up.  

1) I know you need to make an entry for the mobile carrier with an SMTP domain.  Does anyone know what SMTP domain to use for Verizon Wireless?
2) On the desktop and Smartphone active sync options I selected synch with server and entered the URL of our Front-End Exchange Server.  Would this be correct?

I have looked around and read several articles but I haven't found one with the steps to accomplish what I am looking to do.   I am assuming this will work similar to a blackberry.  Am I expecting too much?

Thanks
0
geneki
Asked:
geneki
  • 8
  • 5
1 Solution
 
atheluCommented:
yes, you would put the FQDN of the front-end server in the activesync prompt. make sure that you are putting the username in like: username@mydomain.com.

Is SSL running on the exchange server? if so, make sure you check the ssl box in activesync.

 You are only trying to sync with server too. you should be able to ignore the other settings.
0
 
atheluCommented:
Please ignore the above: I was think PalmOS for some reason.

anyhow, the setup inside of Activesync is pretty straight forward:

for the server, put in the fully Qualified domain name of your Front-end server (i.e. frontend.mydomain.com)
Check the SSL bos if you are using it.
check boxes of the items you wish to synchronize with exchange
Proceed to the options tab and fill in the username, password and domain name. It is easiest to allow it to save this information.

You should not have to worry about enabling support for unsupported devices since you are using active sync.

the Microsoft-server-activesyen object inside of IIS should have Anonymous, Integrated, and basic authentication enabled.

Anonymous should NOT be used if you are not using SSL.

0
 
atheluCommented:
I just cant type today. Basic should not be used i meant to say.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
genekiAuthor Commented:
Thank you for the information.  Are there certain ports that need to be opened on the firewall other than 443? Do you need the entry for the mobile carrier and the smtp domain of the mobile carrier in order for this to work?

Thanks
0
 
atheluCommented:
ActiveSync requires the following Winsock Transmission Control Protocols (TCP) to be available:
• 990
• 999
• 5678
• 5679

With the activesynce configured as above you would be able to read and receive email, calendar and task items. If you composed a message on your handheld, it would not be delivered until the next time you ran the synchronization. I know this is true of my PocketPC device. Your configuration may require a seperate SMTP service configured on the phone itself. The exchange server does not need to know anything about the phone's SMTP setup.
0
 
genekiAuthor Commented:
Ok, I am having trouble connecting with Verizon, but I want to make sure the config is right on my end.  I am setting up an iPAQ and testing over our internal wireless LAN, but I am still unable to sync wirelessly. For the server I entered FE Server.mycompany.com and tried it with both SSL on and off.  I get an HTTP_500 error.  
0
 
atheluCommented:
Do you have an SSL cert installed in IIS? does the cert have the same FQDN as the server?
0
 
genekiAuthor Commented:
Yes the server has a self signed cert installed and it is the same as the FQDN.
0
 
atheluCommented:
did you confirm the permission on the virtual server?

Windows integrated authentication needs to be on on both servers. Basic can be on on the backend as well if you are using SSL.

It may be necessary to resart the IIS services for the rights changes to go into affect. Issue the command iisreset  at the command prompt on the FE and BE server.
0
 
atheluCommented:
IT does sound like ssl may be the issue here.

" SSL negotiation failure may indeed be a problem, but it is likely not due to your phone cert list. Unless your carrier has deployed a WAP2 end-to-end SSL capable gateway, your phone is probably communicating to gateway machine on carrier network using WTLS, and that gateway computer initiates an SSL session with Exchange server on phone's behalf. If the gateway does not trust the SSL certificate installed on your Exchange server, the SSL handshake will fail and you may see an error 500. This is likely to occur if the Exchange server has a self-issued certificate - most carrier gateways will trust SSL certs issued by large companies in that business, such as Thawte, Verisign, Baltimore, etc. Since the IE client uses a direct IP connection to Exchange and does not have a carrier network/gateway to deal with, this might explain it working properly. If this is indeed the problem, purchasing an SSL certificate from a well-known issuer is probably the easiest workaround. "

you could install a trial SSL cert from verisign and see if the issue goes away?
0
 
genekiAuthor Commented:
Thank you for the help.  I have it working with my iPAQ on our WLAN.  Now to work on the Verizon phone.
0
 
atheluCommented:
what was the issue if i may ask?

BTW- also found out that temporary verisign certificates are non-standard and will sometimes not be accepted by mobile devices.

another article to look at in regards to the 500 error message to:

http://support.microsoft.com/default.aspx?scid=kb;en-us;886346
0
 
genekiAuthor Commented:
The issue was with authentication.  The FE and BE servers were not set for integrated.  Once I set them both to integrated it worked.  BTW...It is also worked if the BE server was set to integrated but the FE server was not.

The cert seems to work ok with the iPAQ.  I am looking at getting a Verisign cert to elimanate any possible issues with that.
0
 
DarthModCommented:
PAQed with points (250) refunded

DarthMod
Community Support Moderator
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now