insanegain
asked on
Setting up Exchange Server Oma with IIS and Outlook03 on SBS2003
June 15/06
When I am away from the network I type in this url and then I get the response following:
http://24.67.32.244/
Response: "You are not authorized to view this page"
I type in this url and then I get the response following:
https://24.67.32.244/
Response: Prompts to accept a certifiacte, and the
"You are not authorized to view this page" is displayed
I type in this url and then I get the response following:
http://24.67.32.244/oma
Response: Changes url to https://24.67.32.244/oma and then displays "You are not authorized to view this page"
Same thing with
http://24.67.32.244/owa and https://24.67.32.244/owa
When I am local to the network:
Type in
https://24.67.32.244/oma
It prompts me for a certificate granting and then username and password and I put it my FQDN and corresponding password
Response: Item no longer exists. The item you are attempting to access may have been deleted or moved.
Home And then Changes the address bar to read https://24.67.32.244/oma/(myz3kn45tt5h2155w3kd5e3z)/oma.aspx
I type in this url and then I get the response following:
http://24.67.32.244/oma
Same thing as above
Now for the punch line READY??
When I go to https://24.67.32.244/oma and grant the certificate and login as the administrator user, enter the username and password I get this:
Inbox (4 new)
Calendar
Contacts
Tasks
Find Someone
Compose New
Preferences
Mail Folder Tree
About
I assume this is the Outlook Mobile Access that I need to set up for device Synching with Activesync. Problem is my own username is part of the Administrators group and also the Mobile Users group.
I am runnning SBS2003 with Exchange 03. I have enabled permissions for the user to connect to Outlook Mobile Access, user initiated sychronization and up to date notifications. OMA was not on the list in IIS so I made a new entery and called it that, so the identifier number on the list is 833712 which stands out as unusual as the other 4 sites have id numbers between 1 - 4. No ssl is currently being used, I have toggled that back in forth according to other things I have read about it.
OMA is enabled Globaly as well.
I feel that something must be wrong in IIS, please be very descriptive if possible in terms on what I might do to configure it.
Thanks in advance
Insangain
PS (I am making this question worht 500 points because the solution will probably require me asking really dumb follow up questions such as "Click where? ........Like with the mouse you mean?"
When I am away from the network I type in this url and then I get the response following:
http://24.67.32.244/
Response: "You are not authorized to view this page"
I type in this url and then I get the response following:
https://24.67.32.244/
Response: Prompts to accept a certifiacte, and the
"You are not authorized to view this page" is displayed
I type in this url and then I get the response following:
http://24.67.32.244/oma
Response: Changes url to https://24.67.32.244/oma and then displays "You are not authorized to view this page"
Same thing with
http://24.67.32.244/owa and https://24.67.32.244/owa
When I am local to the network:
Type in
https://24.67.32.244/oma
It prompts me for a certificate granting and then username and password and I put it my FQDN and corresponding password
Response: Item no longer exists. The item you are attempting to access may have been deleted or moved.
Home And then Changes the address bar to read https://24.67.32.244/oma/(myz3kn45tt5h2155w3kd5e3z)/oma.aspx
I type in this url and then I get the response following:
http://24.67.32.244/oma
Same thing as above
Now for the punch line READY??
When I go to https://24.67.32.244/oma and grant the certificate and login as the administrator user, enter the username and password I get this:
Inbox (4 new)
Calendar
Contacts
Tasks
Find Someone
Compose New
Preferences
Mail Folder Tree
About
I assume this is the Outlook Mobile Access that I need to set up for device Synching with Activesync. Problem is my own username is part of the Administrators group and also the Mobile Users group.
I am runnning SBS2003 with Exchange 03. I have enabled permissions for the user to connect to Outlook Mobile Access, user initiated sychronization and up to date notifications. OMA was not on the list in IIS so I made a new entery and called it that, so the identifier number on the list is 833712 which stands out as unusual as the other 4 sites have id numbers between 1 - 4. No ssl is currently being used, I have toggled that back in forth according to other things I have read about it.
OMA is enabled Globaly as well.
I feel that something must be wrong in IIS, please be very descriptive if possible in terms on what I might do to configure it.
Thanks in advance
Insangain
PS (I am making this question worht 500 points because the solution will probably require me asking really dumb follow up questions such as "Click where? ........Like with the mouse you mean?"
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
So many issues.
First question - what you are using for email? An ISPs domain? It is almost unheard of for a company to not be using their own domain - especially considering that they are so cheap.
You can deploy OMA and EAS without SSL, but I don't do that. It would mean usernames and password going across the internet in the clear.
The folder for EAS in IIS is "Microsoft-Server-ActiveSy
Couple of things.
1. Check that the authentication settings and application pools are set correctly in IIS Manager. I have the correct settings on my web site here: http://www.amset.info/exchange/mobile-eastrouble.asp
2. Rather than fiddling around with a mobile phone or Pocket PC, get your hands on the Windows Mobile emulator. It makes life so much easier for troubleshooting as you can reset the device quickly and easily.
http://www.amset.info/pocketpc/emulator.asp
Simon.
First question - what you are using for email? An ISPs domain? It is almost unheard of for a company to not be using their own domain - especially considering that they are so cheap.
You can deploy OMA and EAS without SSL, but I don't do that. It would mean usernames and password going across the internet in the clear.
The folder for EAS in IIS is "Microsoft-Server-ActiveSy
Couple of things.
1. Check that the authentication settings and application pools are set correctly in IIS Manager. I have the correct settings on my web site here: http://www.amset.info/exchange/mobile-eastrouble.asp
2. Rather than fiddling around with a mobile phone or Pocket PC, get your hands on the Windows Mobile emulator. It makes life so much easier for troubleshooting as you can reset the device quickly and easily.
http://www.amset.info/pocketpc/emulator.asp
Simon.
ASKER
Hi again, please excuse my absence,
We are using a third-party mail server for email, POP3, no email gets routed through our exchange server. Just contact, calendar, task sharing etc.
The domain name set up on the server is servername.local, this was intended for use only as an internal server until we exposed it as a gateway. I'm sure that having an extension that doesn't end in com, net or org will hinder us even more.
The folder EAS in IIS is "Microsoft-Server-ActiveSy
I'm not too worried about the lack of using SSL for the sake of usernames and password going across the internet in the clear at this moment.
I'll start playing around with the tools that you have linked me to. Any more suggestions based on this new info?
Thanks again
Insane
We are using a third-party mail server for email, POP3, no email gets routed through our exchange server. Just contact, calendar, task sharing etc.
The domain name set up on the server is servername.local, this was intended for use only as an internal server until we exposed it as a gateway. I'm sure that having an extension that doesn't end in com, net or org will hinder us even more.
The folder EAS in IIS is "Microsoft-Server-ActiveSy
I'm not too worried about the lack of using SSL for the sake of usernames and password going across the internet in the clear at this moment.
I'll start playing around with the tools that you have linked me to. Any more suggestions based on this new info?
Thanks again
Insane
If you aren't having your email delivered directly, then the value of features like this becomes limited. OMA is primarily designed for email - it does everything else very poorly.
Exchange is an email server primarily and needs to be treated as one. Being a glorified calendar sharing product is wasting so much of the services that it can offer to you.
Ideally you need to have email delivered by SMTP to get the best out of it. If you have a permanent internet connection then I would switch over. Your users will love you for it as email will come in immediately instead of the delay with the POP3 connector doing its thing.
Without a .com host name you are going to continue to struggle. Everything is setup primarily for host names. Plus a host name is so much easier to remember than the IP address.
Have you got the mobile options enabled in ESM? It is part of Global Settings. I usually suggest enabling every option.
Simon.
Exchange is an email server primarily and needs to be treated as one. Being a glorified calendar sharing product is wasting so much of the services that it can offer to you.
Ideally you need to have email delivered by SMTP to get the best out of it. If you have a permanent internet connection then I would switch over. Your users will love you for it as email will come in immediately instead of the delay with the POP3 connector doing its thing.
Without a .com host name you are going to continue to struggle. Everything is setup primarily for host names. Plus a host name is so much easier to remember than the IP address.
Have you got the mobile options enabled in ESM? It is part of Global Settings. I usually suggest enabling every option.
Simon.
ASKER
But to respond to your question" What is my actual question?" here it is
I need to have this thing setup up to host activesync for mobile devices. Its not working and after 2 weeks screwing around with the pocket pc phone and calling tech support for days and days and days. I always arrived back at the same conclusion: There is a problem with the server allow access to the mailboxes. Not sure what to do at this point.
So yes, OMA is not working and Exchange Active sync is not working.
Another question, should Exchange Active sync be on the list of IIS? (cuz its not)
Thanks again, what should I do at this point?
Insanegain