?
Solved

Activesynch with axim 51 does not work

Posted on 2006-06-27
15
Medium Priority
?
1,925 Views
Last Modified: 2007-12-19
total novice here when it comes to using anything mobile connecting to exchange server, so please bear with me.

we have an exchange server 2003 environment. we're now trying to allow mobile users to check their emails through dell axim 51 pda's.

we have not done anything to exchange server in regards to mobile connection, other than what might have gotten installed by default, however OWA is set up and used successfully.

when we try to connect to the exchange server through the pda activesynch it's giving the following error code on the pda: 85030022,

and the event log on the sever shows the following error  (the ONLY error):

An error occurred while accessing the Active Directory for user [Internet Guest Account]. Information cannot be retrieved from Active Directory due to an unknown error. Verify that the Exchange ActiveSync Server can communicate with Active Directory, and that the user has a valid account.

obviously we have entered the servername (tried IP as well) as well as the user login, pw, and domain before trying to synch on the pda AND on the app through the pc.

the pda synchs fine through the activesync app/pc connection, but we need it to be able to synch directly to the server, since the email accounts we want to set up do NOT have dedicated pcs to synch each account to.

i am sure we're missing some settings on the server but have no idea where to even begin to start looking, so ANY pointing in the general direction would be greatly appreciated!


0
Comment
Question by:daya88
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +2
15 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 16995775
What state is the Exchange server in?
SP1, SP2?

What about the PDA? Is that Windows Mobile 2003, 5.0? If 5.0 does it have the MSFP upgrade.

The model of the PDA doesn't really matter, other than whether it has a mobile connection or not. What is really of concern is the version of the software running inside.

Does OMA work?
Are you using SSL?

The error about the internet guest account is odd.
Do you have anonymous access granted to either /exchange, /oma or /Microsoft-Server-ActiveSync virtual directories in IIS Manager?

Simon.
0
 

Author Comment

by:daya88
ID: 16995883
ok:

we have SP2 on that server

the pda is using Windows MObile 5.0 premium edition (with outlook 2002)

not sure how to check if OMA is working?
ssl is not enabled nor are we using form based auth (read another article hinting these should not be turned on for this to work, however we never had reason TO turn them on...)

all 3 virtual directories in IIS have anon auth enabled, with basic auth
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16996117
You should NOT have anonymous authentication enabled on those directories. That will cause the problem.

The settings should be:

/exchange: Integrated and Basic ONLY.
/exchweb: Anonymous ONLY.
/exadmin: Integrated ONLY.
/OMA: Basic ONLY.
/Microsoft-Server-ActiveSync: Integrated and Basic ONLY.

As you are using basic authentication, I would strongly recommend that you look at an SSL certificate, as your username and password information is going across in the clear.

You can check if OMA is working from a web browser on your desktop. Browse to http://servername/oma and then enter credentials when prompted. However I doubt whether it will work until you make the changes I have outlined above.

Simon.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:daya88
ID: 17001067
well i made these2 changes, wasn't going to touch the other 3 since i am afraid of messing up our OWA settings (it's taken us some time to "customize" them to the users' liking so don't really want to change anything there if at ALL possible....)

/OMA: Basic ONLY.
/Microsoft-Server-ActiveSync: Integrated and Basic ONLY.

i now no longer get a server message but do still get attention required on the pda with the following error 0x85010001, stating my account in ms ex serv does not have permission to synch with my current settings....
0
 

Author Comment

by:daya88
ID: 17001103
oh and oma seems to not work even after these sec changes, going to  http://servername/oma i get a http error 404...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17002601
OMA and EAS make calls on the /exchange virtual directory.

The settings that I have outlined above are the only ones that work. Other combinations, particularly on the /exchange virtual directory will cause problems. You also have to ensure that you do not have REQUIRE SSL enabled on any of those folders, as all the calls are on port 80 only.

Hope you have your "customisations" documented, as you will loose them after any service pack or hot fix is applied to Exchange.

Simon.
0
 

Author Comment

by:daya88
ID: 17003225
ok i was using the wrong server name when testing OMA, it IS working.

so going by your last reply, does this means you really cannot help me any further until we make your recommended security changes on the directories on the server?

if that's the case give me a few days and i'll see about getting them implemented and see how it affects our environment.

thanks for all the input so far!
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17003691
Until the security changes are made, further diagnosis is impossible. As far as I can tell, you have incorrect settings. Until those settings are correct, any other changes or suggestions are invalid, because they may not have any affect because of those security settings.  

Simon.
0
 
LVL 1

Expert Comment

by:tspa
ID: 17045161
I was having almost the same problem (how i found this thread) and found changing those settings to change some things...however, it only got me to the next error...

From a verizon phone (windows mobile) we get a 0x85010001

From the http:// or https://mail/oma we get the following after providing u/p.

  A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.

Where are you in your testing...maybe we can figure it out together.


0
 

Author Comment

by:daya88
ID: 17045214
unfortunately i am no furhter oin this issue. i am not the real administrator on the server, so not at liberty to make these changes without a consult to the proper person and he's not been available so far. it will come up soon i am sure.

however, my oma did work with the above mentioned settings(changes), so not sure if we are still on the same thread. but yes any further input would be greatly appreciated.
0
 
LVL 1

Expert Comment

by:tspa
ID: 17052611
I found out the problem of oma not working at all...see KB 817379.  (Method 2 - Which essentially fakes a front end/back end server setup)

The problem is that we're forcing SSL for webmail, and OMA can't talk on SSL, so we create a fake back end that is HTTP for it to chat on...now oma works from web browser...our other problem seems to be that we have published the FBA on the ISA server, and i think our phones are having problems passing the authentication back to the exchange server...we currently get the same numerical error code as before, but now it includes this text: "your account in microsoft exchange server does not have permission to sync with your current settings.  Contact your Exchange Admin.

let me know if this leads either one of us into the light or further in the woods...
0
 
LVL 1

Expert Comment

by:tspa
ID: 17058536
I have gotten my full setup working.  It was all ISA 2004's FBA that was the problem...after a few sneaky tricks from Dr. Shinder, we were able to route the SSL FBA to the right place, and still let active sync come straight on through to what it needs to get to...so you may want to check closely to see what is all between your exchange server and your pda.  Also check the above kb.

0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 17258246
PAQed with points refunded (250)

CetusMOD
Community Support Moderator
0
 

Expert Comment

by:DP-Group
ID: 20439424
I found a simple solution to the same problem.
I had a perfectly working outlook web access interface, but phones would get the same error message.
I discovered that the exchange server had previously been Exchange 2000 and updated. The OMA interface was in the default web site under IIS and there was an entry for exchange.domainname.com with exchweb in it, but no OMA. There were identical settings under detault web site for every entry under exchange.domainname.com. I fixed this by renaming the sitename and host header name setting from exchange.domainname.com to old.domainname.com and added exchange.domainname.com as a host header under default web site and voila... it works.

FYI - A great way to test your settings is to use IE 6.0 or better to go to http://domainname.com/oma, just like you do for http://domainname.com/exchange to get to outlook web access. Hope this helps!!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
how to add IIS SMTP to handle application/Scanner relays into office 365.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month12 days, 19 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question