Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 446
  • Last Modified:

ActiveSync Problems with Exchange 2003 and ISA 2004

I have the following setup:
Exchange 2003 Server on Windows 2000 Server (Internal Netowrk)
ISA 2004 on Windows 2003 Server (External Network)
I have SSL and Form Based Authenication running and OWA works perfect.

I am trying to setup ActiveSync my Treo 700 W. I have checked the require SSL box and have mail.company.com in the server adress. When I try to Sync I receive a message saying that Certificate is expired. The message also says that the problem maybe with the clock on my device. The clock on my device is right and the certificate isn't expired.

I have read a ton of articles which all pretty much contradict each other. Some say that ActiveSync can't use SSL others say it can. Does anyone have any clue how to resolve this issue? On a side note what is the difference between OMA and ActiceSync?

Thanks
JP
0
vtjp1
Asked:
vtjp1
  • 4
  • 4
1 Solution
 
SembeeCommented:
ActiveSync can use SSL.
However if you are getting an SSL certificate warning then the feature will not work.

Try browsing to OMA on the device - https://host.domain.com/oma

If you get a certificate prompt the feature will fail to work.

Simon.
0
 
vtjp1Author Commented:
I did get the certificate prompt. What should I do?
0
 
vtjp1Author Commented:
By the way when I went to https:\\host.domain.com/oma it took me to the Outlook Web Access page is that what should happen?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
SembeeCommented:
If you are getting the certificate prompt then you need to deal with whatever the certificate is prompting about.

There will be three elements that could be causing the issue...

- name. The certificate is in mail.domain.com but you are entering mail.domain.net in the web browser

- date. It is has expired

- trust. If the certificate is not a commercial certificate then it will not be trusted by the device. Even some commercial certificates are not trusted by Windows mobile.

As for the OMA issue - ensure that OMA is being published separately through ISA. Try it internally on http://servername/oma. You should get a username and password prompt. Enter the username in the format of domain\username and then the password. The result should be a plain text version of your mailbox.

Simon.
0
 
vtjp1Author Commented:
How can you tell if it is a commercial certificate? I just got it from Verisign.  I know it hasn't expired and I know the name is right.
0
 
SembeeCommented:
If you purchased the certificate then it is a commercial certificate. If you generated the certificate yourself, then it is a home grown certificate.

Check the ISA server as well. I have seen a number of times where the ISA server has its own certificate and is using that, not the certificate on your Exchange server.

Simon.
0
 
vtjp1Author Commented:
I know ISA is working because I can get to OWA and that is published through ISA. Is it possible that a redirect can be causing a problem?
0
 
SembeeCommented:
If you have some kind of redirect in place then there is a chance that is causing a problem. It depends on what the redirect does.

I don't use redirects myself. I open 443 only for OWA access. The users soon get used to putting the https in. I do not want any port 80 traffic coming in to the network.

Simon.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now