?
Solved

ActiveSync Problems with Exchange 2003 and ISA 2004

Posted on 2006-11-29
8
Medium Priority
?
444 Views
Last Modified: 2007-12-19
I have the following setup:
Exchange 2003 Server on Windows 2000 Server (Internal Netowrk)
ISA 2004 on Windows 2003 Server (External Network)
I have SSL and Form Based Authenication running and OWA works perfect.

I am trying to setup ActiveSync my Treo 700 W. I have checked the require SSL box and have mail.company.com in the server adress. When I try to Sync I receive a message saying that Certificate is expired. The message also says that the problem maybe with the clock on my device. The clock on my device is right and the certificate isn't expired.

I have read a ton of articles which all pretty much contradict each other. Some say that ActiveSync can't use SSL others say it can. Does anyone have any clue how to resolve this issue? On a side note what is the difference between OMA and ActiceSync?

Thanks
JP
0
Comment
Question by:vtjp1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 18038915
ActiveSync can use SSL.
However if you are getting an SSL certificate warning then the feature will not work.

Try browsing to OMA on the device - https://host.domain.com/oma

If you get a certificate prompt the feature will fail to work.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18038941
I did get the certificate prompt. What should I do?
0
 

Author Comment

by:vtjp1
ID: 18038964
By the way when I went to https:\\host.domain.com/oma it took me to the Outlook Web Access page is that what should happen?
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 104

Expert Comment

by:Sembee
ID: 18039002
If you are getting the certificate prompt then you need to deal with whatever the certificate is prompting about.

There will be three elements that could be causing the issue...

- name. The certificate is in mail.domain.com but you are entering mail.domain.net in the web browser

- date. It is has expired

- trust. If the certificate is not a commercial certificate then it will not be trusted by the device. Even some commercial certificates are not trusted by Windows mobile.

As for the OMA issue - ensure that OMA is being published separately through ISA. Try it internally on http://servername/oma. You should get a username and password prompt. Enter the username in the format of domain\username and then the password. The result should be a plain text version of your mailbox.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18039028
How can you tell if it is a commercial certificate? I just got it from Verisign.  I know it hasn't expired and I know the name is right.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18039168
If you purchased the certificate then it is a commercial certificate. If you generated the certificate yourself, then it is a home grown certificate.

Check the ISA server as well. I have seen a number of times where the ISA server has its own certificate and is using that, not the certificate on your Exchange server.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18039222
I know ISA is working because I can get to OWA and that is published through ISA. Is it possible that a redirect can be causing a problem?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 18040570
If you have some kind of redirect in place then there is a chance that is causing a problem. It depends on what the redirect does.

I don't use redirects myself. I open 443 only for OWA access. The users soon get used to putting the https in. I do not want any port 80 traffic coming in to the network.

Simon.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question