Solved

WM5 Device accessing network shared areas over VPN

Posted on 2006-11-29
18
224 Views
Last Modified: 2010-04-19
I have a windows mobile 5 device that can connect to our SBS Server via VPN
however when you try to access a network shared area
it asks for the username and password when i type that in,
it does not seem to authenticate and continues to keep asking for your username and password

the users i have tried this with are part of the Remote users group, they can access the areas using VPN connections with their laptops and obviously when they are at the office connected to the local domain

is there something else i need to enable to allow them to do the above. i tried also with the administrator account but that too does the same thing, which leads me to believe that its possible that the device itself (o2 xda mini s and we also use one Orange SPV5000) needs to be allowed to connect

Any Ideas would be greatfully received


Many Thanks

0
Comment
Question by:teknite
  • 8
  • 7
18 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18053557
Just to clarify... you stated that users are part of the "remote users group" but they should be members of the "MOBILE Users Group" if the account was created properly using the Add-User Wizard with the Mobile Users Template.

If the accounts were not added this way, please run the Change User Permissions Wizard (also in the Users section of the Server Management Console) and reapply the Mobile Users Template.

Then, you also didn't confirm whether or not these devices have been configured to use ActiveSync.  Which, in doing so, would place the server's SSL certificate on the device... which I think is what you are missing here.

Please follow the detailed instructions at http://sbsurl.com/mobile to correct the problem.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18083651
Hi TechsoEasy,

Yes i meant to say mobile users anyways i did what you said to check to make sure they have the same permissions as the mobile user template and they seem to be member of the same groups etc...

i then tried the other option to try and use the ssl certificate. i copied the certificate onto my device (o2 xda mini s) however it said the certificate wasnt valid, even when you also follow the link and try using the exe file to run on your WM5 device and the certificate still says invalid, however other services that use ssl like owa etc... they all seem to be working fine.

Any other Ideas??
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18084261
Apparently the o2 XDA Mini has been problematic.  Since we don't have those over here, I don't have any direct experience with them.  However they are mentioned in the Exchange Team's Blog here:  http://msexchangeteam.com/archive/2006/04/03/424028.aspx  

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18084381
How about the orange SPV5000s because we was also gonna try do the above on these as well, and i was going to test on my XDA first before rolling them out. I do know though that when my colleague tried in file explorer on his SPV5000 when he is connected up to the VPN he gets this repeatingly asking for a password (like a rejection)

I think you are right it has something to with the device needs to be authenticated to access the system, but not quite sure what else is required

Thanks
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18084726
The thing is that you really have to follow the configuration instructions explicitly, or you'll never know what is working or what isn't.  So I can't really give you an opinion as to one device or another.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18209326
Hi Techsoeasy

I followed and got my certificate installed onto my PDA and it works wonders with my direct push with SSL turned on
but unfortunatly it still didnt help in my quest to view my network files over the VPN

IS this something that actually can work i mean everytime i try to access a network share it rejects my login.

One thing i admit i didnt try was register the PDA onto the SBS server like as you do when a PC joins the Domain, maybe this is what i need to do

Any Idseas?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18211431
If it's rejecting your login, what is the error code it gives?  Have you tried logging in with DOMAIN\USER or user@domain.local?  

Jeff
TechSoEasy
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18211434
You don't need to "register" the PDA onto the SBS because that's never necessary for a VPN connection.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18214009
i tried username and doman\username and still no joy

I dont seem to get an error code on the PDA all that happens is that when you click ok with the password credentials it says Login Failed at the top and displays the fields to re-type the username and password
if you cancel out of that it says access denied.

The users can access the files in question when they logged in onsite on the local LAN and over VPN on their laptops so this is why i thought might have something to do with the PDAs

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18217865
It might have to do with the PDA, what version of ActiveSync are you using?  Because this will configure some of the PDA's settings.  If you aren't using at least 4.3, you should be.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18223472
the 2 PDAs i have are using 4.1 so i will try with 4.3 today will let you know how it goes
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18223853
Oh, yeah... because there is a big difference between 4.1 and 4.2.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18239076
Installed 4.2 couldnt c a 4.3
re-created the exchange profile on my pda so that it was from the new active sync
all looked promising

connected to my GPRS sync'd online excellent

Connected to VPN tries to access my server
asked for a password, ok typed it in
Login Failed still :(
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 18242103
Sorry, that was a typo on my part above.

4.2 comes with a troubleshooter that works quite well... you'll find it on the Help Menu in ActiveSync on your PC.

Jeff
TechSoEasy
0
 

Author Comment

by:teknite
ID: 18318213
Thanks for all your help with this Jeff

the project been placed on the backburner for a while

what puzzles me about the whole situation is that direct push works perfectly well and not got any problems with that (except are GPRS connection didnt work in the US) but yet this doesnt allow you in , where as with the same user you can VPN in from any PC, laptop or server known to man

Crazy

Thanks

Eliot
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now