• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2161
  • Last Modified:

ActiveSync w/ Nextel i930

I just got an i930 in and I was wonder what I need to do for active sync on the server side, if you could just give me a good link or two that would be fine. I have done the port forwards for the required ports, set the i930 to look @ both the FE and BE using both the DNS name (matches SSL cert) adn the IP address.

For the backend server, whether SSL is enabled or disabled I get the Internet_29 error.

For the frontend server, whether SSL is enabled or disabled I get the HTTP_302 error.

Any help is greatly appreciated! I'm being generous with points because I know for sure I will have follow up questions!
0
AdamHolmes
Asked:
AdamHolmes
  • 9
  • 5
  • 4
5 Solutions
 
Jejin JosephCommented:
0
 
SembeeCommented:
Test it with OMA first.

https://servername.domain.com/oma

where servername.domain.com is the name on your certificate.
OMA uses the same part of the server, so in many cases if OMA works, then EAS works.

Ensure that you haven't got require SSL certificate enabled on the /exchange virtual directory.
Otherwise the only ports that you need open are 443. Nothing else.

Simon.
0
 
AdamHolmesAuthor Commented:
I tested OMA on my desktop computer and it says:

"Your user account has not been enabled for wireless access. Please contact your system administrator for additional assistance."

I checked my user properties under the Exchange Features tab and it says Outlook Mobile Access -- Enabled.

What the heck?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Jejin JosephCommented:
On the Global Settings of Exchange you will have to enable OMA.
0
 
AdamHolmesAuthor Commented:
Ah, I love this board, you guys are awesome.
0
 
Jejin JosephCommented:
You can find OMA Browse settings in ESM, under Global Settings -> Mobile Services -> Properties
0
 
AdamHolmesAuthor Commented:
Cool, found it. OMA is working on the FE server.
0
 
SembeeCommented:
Go in to ESM, Global Settings, Mobile Services and tick every box. You shouldn't have to restart anything, that will let you get access to OMA to see whether it works or not.

Simon.
0
 
SembeeCommented:
Is that with or without SSL?
If you browse to the oma virtual directory with a regular machine using Internet Explorer and Friendly HTTP error messages turned off, do you get an SSL prompts? Any other errors?

Simon.
0
 
AdamHolmesAuthor Commented:
Hey got a new message on my i930.

"Internet_45. The security certificate on the server is invalid. Contact your system admin or ISP to install a valid certificate on the server and try again."

I have my own CA certificates installed on this server, is it required that I have a public certificate?
0
 
AdamHolmesAuthor Commented:
I don't get any prompts or errors. I get the basic authentication popup asking me for my l/p.
0
 
AdamHolmesAuthor Commented:
AfterI turned the required to use SSL off on the i930 it went back to the HTTP_302 error again.
0
 
Jejin JosephCommented:
If you are using a certificate that is not trusted, you can disable certificate validation on the device by running the CertChk.exe tool. The Disable Certificate Validation tool is part of the Exchange 2003 All-in-one Tools package available from http://www.microsoft.com/downloads/details.aspx?FamilyId=E0F616C6-8FA4-4768-A3ED-CC09AEF7B60A&displaylang=en Please see the readme that is provided with the tool for more information.

 Root certificates can also be added to the Pocket PCs with Windows Mobile 2002 softwareby using the process outlined in KB 322956 Sample to Add Root Certificates to Pocket PC 2002.
0
 
SembeeCommented:
The certificate will be causing an issue.
You either have to install the certificate on to your handheld, or get a purchased certificate that is trusted by the device, or you can install the root certificate for. I prefer the latter.
http://www.amset.info/pocketpc/certificates.asp

You must ensure that you have require SSL disabled on the /exchange virtual directory. Even if your users are accessing the server with https. The simple way to deal with that is to only open port 443 to the Internet on your firewall, so that the users have to enter the HTTPS.

Simon.
0
 
AdamHolmesAuthor Commented:
Can you run that software on a phone though? It's not a normal Pocket PC.
0
 
AdamHolmesAuthor Commented:
You guys are awesome, I'm going to try to buy a trusted certificate, and leave this question pending, if this works I'll be splitting the points between all of you.
0
 
SembeeCommented:
Most of the tools can be run on a Smartphone as well as the Pocket PC.
Whether your mobile phone provider will allow you to is another matter. They like to control the devices. If you cannot run any of the tools then you are stuck with one of two scenarios...

1. Usernames and passwords sent across in the clear.
2. Acquire a certificate that is trusted by the device.

Simon.
0
 
AdamHolmesAuthor Commented:
Great help guys! Look slike I got everything squared away.

Here is a link that says how to add your own root certifcate to the i930:

http://support.microsoft.com/default.aspx?kbid=841060
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 9
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now