Solved

WM5 Device accessing network shared areas over VPN

Posted on 2006-11-29
18
262 Views
Last Modified: 2010-04-19
I have a windows mobile 5 device that can connect to our SBS Server via VPN
however when you try to access a network shared area
it asks for the username and password when i type that in,
it does not seem to authenticate and continues to keep asking for your username and password

the users i have tried this with are part of the Remote users group, they can access the areas using VPN connections with their laptops and obviously when they are at the office connected to the local domain

is there something else i need to enable to allow them to do the above. i tried also with the administrator account but that too does the same thing, which leads me to believe that its possible that the device itself (o2 xda mini s and we also use one Orange SPV5000) needs to be allowed to connect

Any Ideas would be greatfully received


Many Thanks

0
Comment
Question by:teknite
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
18 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18053557
Just to clarify... you stated that users are part of the "remote users group" but they should be members of the "MOBILE Users Group" if the account was created properly using the Add-User Wizard with the Mobile Users Template.

If the accounts were not added this way, please run the Change User Permissions Wizard (also in the Users section of the Server Management Console) and reapply the Mobile Users Template.

Then, you also didn't confirm whether or not these devices have been configured to use ActiveSync.  Which, in doing so, would place the server's SSL certificate on the device... which I think is what you are missing here.

Please follow the detailed instructions at http://sbsurl.com/mobile to correct the problem.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18083651
Hi TechsoEasy,

Yes i meant to say mobile users anyways i did what you said to check to make sure they have the same permissions as the mobile user template and they seem to be member of the same groups etc...

i then tried the other option to try and use the ssl certificate. i copied the certificate onto my device (o2 xda mini s) however it said the certificate wasnt valid, even when you also follow the link and try using the exe file to run on your WM5 device and the certificate still says invalid, however other services that use ssl like owa etc... they all seem to be working fine.

Any other Ideas??
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18084261
Apparently the o2 XDA Mini has been problematic.  Since we don't have those over here, I don't have any direct experience with them.  However they are mentioned in the Exchange Team's Blog here:  http://msexchangeteam.com/archive/2006/04/03/424028.aspx  

Jeff
TechSoEasy
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:teknite
ID: 18084381
How about the orange SPV5000s because we was also gonna try do the above on these as well, and i was going to test on my XDA first before rolling them out. I do know though that when my colleague tried in file explorer on his SPV5000 when he is connected up to the VPN he gets this repeatingly asking for a password (like a rejection)

I think you are right it has something to with the device needs to be authenticated to access the system, but not quite sure what else is required

Thanks
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18084726
The thing is that you really have to follow the configuration instructions explicitly, or you'll never know what is working or what isn't.  So I can't really give you an opinion as to one device or another.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18209326
Hi Techsoeasy

I followed and got my certificate installed onto my PDA and it works wonders with my direct push with SSL turned on
but unfortunatly it still didnt help in my quest to view my network files over the VPN

IS this something that actually can work i mean everytime i try to access a network share it rejects my login.

One thing i admit i didnt try was register the PDA onto the SBS server like as you do when a PC joins the Domain, maybe this is what i need to do

Any Idseas?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18211431
If it's rejecting your login, what is the error code it gives?  Have you tried logging in with DOMAIN\USER or user@domain.local?  

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18211434
You don't need to "register" the PDA onto the SBS because that's never necessary for a VPN connection.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18214009
i tried username and doman\username and still no joy

I dont seem to get an error code on the PDA all that happens is that when you click ok with the password credentials it says Login Failed at the top and displays the fields to re-type the username and password
if you cancel out of that it says access denied.

The users can access the files in question when they logged in onsite on the local LAN and over VPN on their laptops so this is why i thought might have something to do with the PDAs

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18217865
It might have to do with the PDA, what version of ActiveSync are you using?  Because this will configure some of the PDA's settings.  If you aren't using at least 4.3, you should be.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18223472
the 2 PDAs i have are using 4.1 so i will try with 4.3 today will let you know how it goes
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18223853
Oh, yeah... because there is a big difference between 4.1 and 4.2.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18239076
Installed 4.2 couldnt c a 4.3
re-created the exchange profile on my pda so that it was from the new active sync
all looked promising

connected to my GPRS sync'd online excellent

Connected to VPN tries to access my server
asked for a password, ok typed it in
Login Failed still :(
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 18242103
Sorry, that was a typo on my part above.

4.2 comes with a troubleshooter that works quite well... you'll find it on the Help Menu in ActiveSync on your PC.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18318213
Thanks for all your help with this Jeff

the project been placed on the backburner for a while

what puzzles me about the whole situation is that direct push works perfectly well and not got any problems with that (except are GPRS connection didnt work in the US) but yet this doesnt allow you in , where as with the same user you can VPN in from any PC, laptop or server known to man

Crazy

Thanks

Eliot
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question