[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Exchange ActiveSync Problem

Posted on 2006-05-04
38
Medium Priority
?
441 Views
Last Modified: 2008-02-01
Hello All,
The problem I'm faced with looks like a cell phone problem, but its something to do with Exchange ActiveSync. We have a Treo 650 which was working fine all along then one day stopped syncing to the mail server and now throws an error saying:
" There was a problem syncing messages. (Net 123E)There was a problem connecting to server. Check your network or server settings and try again."

Now my understanding is that, the phone is not able to find the mail server. We have an exchange server running in the office, but have hosted our website with a hosting company. MX record has been setup to point to our mail server's ip address. Is there anybody who can help with this or tell me where to look for help. Thanks!!
0
Comment
Question by:emkayd
  • 18
  • 10
  • 7
35 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 16608311
Can the phone see the server?

Browse to https://servername.domain.com/oma (where servername.domain.com is the name on your SSL certificate (you are using SSL?) and is the name that your server can be accessed under on the internet).

You should get a username and password prompt, followed by your mailbox in plain text format.

If that doesn't work, the confirm that everything else works from outside the network. You can do this with another machine or the tools at dnsstuff.com

Simon.
0
 

Author Comment

by:emkayd
ID: 16701463
The company has SBS 2003 installed and its remote workspace is available at remote.companyname.com the link remote.company.com/oma does not work. Nothing has changed since its original setup when it was working. The only thing that changed was their ISP. People can access outlook web access and everything.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16701552
have you re-run the Configure email and internet wizard?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 104

Expert Comment

by:Sembee
ID: 16701683
For OMA, by does not work, can you be a little more specific? Error message?
If you use a regular computer that can access OWA, does OMA work there? OMA is just a plain text version of OWA, so works with any web browser.

Simon.
0
 

Author Comment

by:emkayd
ID: 16702079
No I haven't re-run the configure email and internet wizard.

Regarding OMA from a regular browser: When I tried to browse the site by http://fqdn/oma (or as a matter of fact by https://remote.companyname.com/oma) a pop up window shows up asking for username and password, but can't go beyond it because it doesn't take any username/pwd. I don't even know if this is the right way of doing it!??

But OWA works fine with admin account on SBS remote web workspace from the same machine. (By accessing via remote.companyname.com). SBS comes with Sharepoint services integrated.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16702100
Sembee is the undisputed man for Exchange but if you get a chance later, try the ceiw. As you are on SBS, the wizards are the way things should be addressed.
0
 

Author Comment

by:emkayd
ID: 16702183
Ok will wait for sembee to come up with something. Is it ok to re-run ceiw again? will disrupt anything in the network coz users are all working and I don't want to mess anything up.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16702261
Username password prompt should be completed with domain\username and then password.
Try that.

Also, look in the event log for any error messages around authentication at the time you try to use OMA. There is a well known bug with OMA/SSL/FBA. http://www.amset.info/exchange/mobile-omafba.asp

Simon.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16702286
Just in answer to your question, ceiw should be run out-of-hours, simply as good practice. This is the common-sense approach :)
0
 

Author Comment

by:emkayd
ID: 16702322
Execellent, I did try that before, but accidentally kept using domain.com/username instead of just domain name. Anyway, I was able to see the text version with OMA after rectifying that.

So now that OMA is working fine from a different network (I'm at a another client's place and working remotely), so the Treo also should be able to access the server right? if everything is fine?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16702345
If OMA works on a desktop, then try it from the handheld. Take small steps. See if OMA works, and doesn't prompt you for anything.
If you get no prompts in OMA and it works correctly, then you are pretty close.
If you get SSL prompts, then you might have an issue with the certificate.

Simon.
0
 

Author Comment

by:emkayd
ID: 16702451
So I will try accessing OMA from the micro-browser on the Treo and see if it works. Thanks.
0
 

Author Comment

by:emkayd
ID: 16702649
Simon,
OMA from the Handheld works just fine. I was able to access 2 different accounts (just for good measure). I accessed the Admin account's inbox and the user's inbox also. It shows up fine. What should I do next?

Thanks very much for doing this, this issue has been haunting me for weeks and I've been avoiding this user. I hope I would get closure on this today.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16702763
Simon, thanks very much for your intervention.

Regards
keith
0
 

Author Comment

by:emkayd
ID: 16702804
Keith, Thanks to you as well, I've worked with you before on a couple different issues.

I tried syncing (of course nothing has been changed) the handheld and I keep getting the same error. "There was a problem syncing messages. (Net 123E) There was a problem connecting to server. Check your network settings......."
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16702827
Your welcome although my sole contribution to this call was moving you to the right topic area :)

Pleased everything has worked out nicely for you. I'll skip off back to firewalls now where I know what I am talking about.

Regards
Keith
0
 

Author Comment

by:emkayd
ID: 16702875
Keith,
The original problem was that the Treo was not syncing, kept giving the above mentioned error. Simon said if I was able to access OMA from the handheld, I'm pretty close. Now that I can access it, just waiting for Simon to show me how close I'm to resolving this issue. I hope I can resolve it today. Please let me know what should I do next? Thanks very much.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16703000
As its sbs, I assume you are using https (ssl) rather than http to make your oma connection?

http://forums.palmone.com/pe/action/forums/displaysinglethread?rootPostID=20245288&returnExpertiseCode=__Corporate_em__USCA



0
 
LVL 104

Expert Comment

by:Sembee
ID: 16703037
When you browsed to OMA, did you use http://... or https://...

When you entered the server information in to ActiveSync on the device, did you enter servername, server.domain.com, servername.domain/com/something , http://servername.domain.com or something else?

It should be JUST the name server FQDN: servername.domain.com - nothing els. No http, no /something - just the servername.

If you are using SSL, then you need to enable the option. However if the SSL certificate that you are using is a home grown certificate (ie not a purchased certificate), then the certificate needs to be imported in to the device.

Simon.
0
 

Author Comment

by:emkayd
ID: 16703119
No OMA uses just http. It doesn't seem to use ssl.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16703135
It can use SSL. It is a matter of entering in the https: at the beginning of the address. I have OMA on SSL at home.

Simon.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16703159
Simon, is there anything that needs amending in the ESM or the IIS to let it use both or is that just a native flexibility?
0
 

Author Comment

by:emkayd
ID: 16703198
Simon,
Like I said, to browse to OMA I used just http:// (no SSL).

The server information in the handheld is (mail.servername.com), its known by that name over the web. I can change this to FQDN of the server, but I doubt it would work.
However remote web workplace uses (HTTPS://)

I tried using the IP of the server, it didn't help either.

Also, one more thing I noticed was, this particular User's login account name is JDoe@companyname.local but the email id is John@companyname.com. I don't know if this has anything to do with this.

0
 

Author Comment

by:emkayd
ID: 16703223
Ok. I can access OMA via http:// and https://. They both work. Does it mean that it is using SSL?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16703425
Support for http or https is native. You can't use require SSL on this application because it communicates internally with the /exchange virtual directory on http.

However, what I do if I want to force SSL is simply block port 80 on the firewall. Then on the public web site I have a special web page that the users hit. That web page detects whether they are using a desktop or a handheld and then directs them to the correct, secure, URL. Means I don't have http open to the world on the Exchange server.

The log in name and email address being different will not be a problem. I have a different email address at home.

Is the SSL certificate purchased or home grown?

Simon.
0
 

Author Comment

by:emkayd
ID: 16703504
I don't know, but I believe its home grown ( I didn't set this up). If you can tell me where to look for it, I will do so. :-(
0
 

Author Comment

by:emkayd
ID: 16703547
I looked at the SSL certificate in Exchange Virtual Dir, it says:
issued to: remote.companyname.com and issued by: remote.companyname.com.

BTW, remote.companyname.com and mail.companyname.com are all the same server (there is only one server in the entire company) and proper A names (with the server's IP) are setup with the hosting company to resolve to this server if those names are requested on the web.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 16703597
Does remote.companyname.com resolve on the Interent to your server?
If not, then you have two choices.

1. Fix it so that the name does resolve.
2. Reissue the certificate.

However, the certificate is home grown. That means the device will not trust it and will refuse to do anything over SSL.
In that case you also have two choices.
1. Purchase an SSL certificate.
2. Import the certificate in to the device.

I don't use self issued certificates outside of lab environments. I always used a purchased certificate for production stuff. My preferred issuer is RapidSSL, however their root certificate is not trusted, so it has to be installed.

Whether you are using home grown or purchased, installing the certificate is easy enough: http://www.amset.info/pocketpc/certificates.asp

Simon.
0
 

Author Comment

by:emkayd
ID: 16703615
SBS's Companyweb uses SSL 444 and Default web sites use SSL 443. Nothing has changed in the recent past, don't know why all of a sudden Treo stopped snycing with Exchange server.
0
 

Author Comment

by:emkayd
ID: 16703701
Yes remote.companyname.com resolves to this server on the internet.

So if I get this right, I cannot sync the device without SSL. So to sync this with SSL I would need to import the certificate into the handheld. Now that ActiveSync is not usable I will have to use a memory card to import the certificate.

Now where do I download this certificate from? Is it somewhere on the server? or how should find where to download this certificate from? Can you please throw some light on that?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16703741
You can sync the device without SSL. However I wouldn't advise it, as your username and password is going across the internet in the clear with great regularity.

If you read the article on my web site above, you can export the certificate in the required format. If you open IIS Manager on the server, then the Properties of the Default Web Site and then Directory Security you can open the certificate which will allow you to export it in the correct format.

I have three SSL certificate questions on the go at the moment...

Simon.
0
 

Author Comment

by:emkayd
ID: 16703756
And this phone is a Treo 650, I don't if this is like a Windows 2002/2003 Smartphone?
0
 

Author Comment

by:emkayd
ID: 16703860
I think I found the way to export it. I went to Exchange Vir Dir, and there is an option Copy To:
Once you hit that it asks for exporting private or not? Should I export private key?
The next option gives 3 different formats, Should I go with DER encoded Binary x.509?
And after that what file to specify?

I apologize this is way too much to ask for, I can understand if you can't answer these questions, thanks for all the help.
0
 

Author Comment

by:emkayd
ID: 16703945
Then in theory then it should sync without using SSL (say the user doesn't care about their pwd being in the open). But it doesn't sync. So will it be worth the try to export the certificate and import it into the handheld if it should work otherwise as well?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16704069
If you follow the instructions on my web page, I have outlined which format you need to use.
In theory the device should sync without https. I have certainly done so using the emulator.

Simon.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question