ActiveSync Problems with Exchange 2003 and ISA 2004

I have the following setup:
Exchange 2003 Server on Windows 2000 Server (Internal Netowrk)
ISA 2004 on Windows 2003 Server (External Network)
I have SSL and Form Based Authenication running and OWA works perfect.

I am trying to setup ActiveSync my Treo 700 W. I have checked the require SSL box and have mail.company.com in the server adress. When I try to Sync I receive a message saying that Certificate is expired. The message also says that the problem maybe with the clock on my device. The clock on my device is right and the certificate isn't expired.

I have read a ton of articles which all pretty much contradict each other. Some say that ActiveSync can't use SSL others say it can. Does anyone have any clue how to resolve this issue? On a side note what is the difference between OMA and ActiceSync?

Thanks
JP
vtjp1Asked:
Who is Participating?
 
SembeeConnect With a Mentor Commented:
If you have some kind of redirect in place then there is a chance that is causing a problem. It depends on what the redirect does.

I don't use redirects myself. I open 443 only for OWA access. The users soon get used to putting the https in. I do not want any port 80 traffic coming in to the network.

Simon.
0
 
SembeeCommented:
ActiveSync can use SSL.
However if you are getting an SSL certificate warning then the feature will not work.

Try browsing to OMA on the device - https://host.domain.com/oma

If you get a certificate prompt the feature will fail to work.

Simon.
0
 
vtjp1Author Commented:
I did get the certificate prompt. What should I do?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
vtjp1Author Commented:
By the way when I went to https:\\host.domain.com/oma it took me to the Outlook Web Access page is that what should happen?
0
 
SembeeCommented:
If you are getting the certificate prompt then you need to deal with whatever the certificate is prompting about.

There will be three elements that could be causing the issue...

- name. The certificate is in mail.domain.com but you are entering mail.domain.net in the web browser

- date. It is has expired

- trust. If the certificate is not a commercial certificate then it will not be trusted by the device. Even some commercial certificates are not trusted by Windows mobile.

As for the OMA issue - ensure that OMA is being published separately through ISA. Try it internally on http://servername/oma. You should get a username and password prompt. Enter the username in the format of domain\username and then the password. The result should be a plain text version of your mailbox.

Simon.
0
 
vtjp1Author Commented:
How can you tell if it is a commercial certificate? I just got it from Verisign.  I know it hasn't expired and I know the name is right.
0
 
SembeeCommented:
If you purchased the certificate then it is a commercial certificate. If you generated the certificate yourself, then it is a home grown certificate.

Check the ISA server as well. I have seen a number of times where the ISA server has its own certificate and is using that, not the certificate on your Exchange server.

Simon.
0
 
vtjp1Author Commented:
I know ISA is working because I can get to OWA and that is published through ISA. Is it possible that a redirect can be causing a problem?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.