[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

ActiveSync Problems with Exchange 2003 and ISA 2004

Posted on 2006-11-29
8
Medium Priority
?
445 Views
Last Modified: 2007-12-19
I have the following setup:
Exchange 2003 Server on Windows 2000 Server (Internal Netowrk)
ISA 2004 on Windows 2003 Server (External Network)
I have SSL and Form Based Authenication running and OWA works perfect.

I am trying to setup ActiveSync my Treo 700 W. I have checked the require SSL box and have mail.company.com in the server adress. When I try to Sync I receive a message saying that Certificate is expired. The message also says that the problem maybe with the clock on my device. The clock on my device is right and the certificate isn't expired.

I have read a ton of articles which all pretty much contradict each other. Some say that ActiveSync can't use SSL others say it can. Does anyone have any clue how to resolve this issue? On a side note what is the difference between OMA and ActiceSync?

Thanks
JP
0
Comment
Question by:vtjp1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 18038915
ActiveSync can use SSL.
However if you are getting an SSL certificate warning then the feature will not work.

Try browsing to OMA on the device - https://host.domain.com/oma

If you get a certificate prompt the feature will fail to work.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18038941
I did get the certificate prompt. What should I do?
0
 

Author Comment

by:vtjp1
ID: 18038964
By the way when I went to https:\\host.domain.com/oma it took me to the Outlook Web Access page is that what should happen?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 104

Expert Comment

by:Sembee
ID: 18039002
If you are getting the certificate prompt then you need to deal with whatever the certificate is prompting about.

There will be three elements that could be causing the issue...

- name. The certificate is in mail.domain.com but you are entering mail.domain.net in the web browser

- date. It is has expired

- trust. If the certificate is not a commercial certificate then it will not be trusted by the device. Even some commercial certificates are not trusted by Windows mobile.

As for the OMA issue - ensure that OMA is being published separately through ISA. Try it internally on http://servername/oma. You should get a username and password prompt. Enter the username in the format of domain\username and then the password. The result should be a plain text version of your mailbox.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18039028
How can you tell if it is a commercial certificate? I just got it from Verisign.  I know it hasn't expired and I know the name is right.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18039168
If you purchased the certificate then it is a commercial certificate. If you generated the certificate yourself, then it is a home grown certificate.

Check the ISA server as well. I have seen a number of times where the ISA server has its own certificate and is using that, not the certificate on your Exchange server.

Simon.
0
 

Author Comment

by:vtjp1
ID: 18039222
I know ISA is working because I can get to OWA and that is published through ISA. Is it possible that a redirect can be causing a problem?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 18040570
If you have some kind of redirect in place then there is a chance that is causing a problem. It depends on what the redirect does.

I don't use redirects myself. I open 443 only for OWA access. The users soon get used to putting the https in. I do not want any port 80 traffic coming in to the network.

Simon.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question