Help Setting up PDA/Smartphones with SSL to work with Exchange 2003

Hi,
Progress so far - I got the root certificate loaded onto phones (Nokia E61) and stoppped the untrusted certificate error.
I have managed to get as far as 'error 440' returned from exchange server, which seems to suggest I have to add an exchange-oma directory pointing at the normal exchange virtual directory. I think there is a microsoft technet article that explains steps, including registry changes
Does anyone know of any ways to set this up and still use SSL?
sasdanielsAsked:
Who is Participating?
 
SembeeCommented:
Does OMA work? That is what I use for most troubleshooting.

Is the device that you are using external to your firewall? Have you tried the emulator so that you can test inside?

Simon.
0
 
SembeeCommented:
The KB article you are referring to is 817379.
It should be linked to in the event log ID.

I have also written my own variation of that article here: http://www.amset.info/exchange/mobile-85010014.asp
It has some additional steps.

Simon.
0
 
sasdanielsAuthor Commented:
Thanks
Thats excellent - I can stop fiddling around with the settings in IIS and get on with this. It helps confirm there is no other way . .
Were the additional steps critical?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
SembeeCommented:
The additional steps that I have introduced I found were key for the change to work.
If you have require SSL, fba etc enabled on the /exchange virtual directory, then when you carry out the export and then import you are bringing over the configuration that is causing the problems.
The additional steps that I have outlined undo that, then write those changes to the IIS metabase. Then you do the export and import and the settings come across correctly.

Simon.
0
 
sasdanielsAuthor Commented:
Nice one
I'll give that a try Monday - I guess there's downside/risk to bringing down my whole Exchange setup?
I can't think of any risks, can you?
0
 
SembeeCommented:
I have done it lots of times without causing a problem with the Exchange server.
If you find it doesn't work then I find it is best to reset the virtual folders which causes a short outage while a service is restarted.

You are changing the IIS Configuration, that is all. It is all easily reset.

Simon.
0
 
sasdanielsAuthor Commented:
Yep, gonna have to reset the virtual folders . .although I get as far as 'connection established on the smartphone if I turn off SSL on phone - but no actual items sync - eventually drops out with 'lost connection.
I'll have a go this afternnon resetting folders, when I put certificate back on where do I require SSL - on the new directory or the default? And if default do I let it overwrite values for child directory's when prompted?
0
 
SembeeCommented:
Don't set require SSL anywhere.
Do not confuse the setting require SSL with your ability to use SSL.

Simon.
0
 
sasdanielsAuthor Commented:
Hi Simon
thanks for your help so far - bit stuck now though
After resetting folders following MS KB article OWA is only partially working - can log and and display email folders but actual emails are stuck on 'loading' with 'error on page' displayed at bottom - details of which say something about a remote procedure call error - any ideas?
ps the MS article mentioned deleting only  certain virtual folders so I did not delete iisadmpwrd and aspnet folders as part of reset - should I have deleted all folders . .
0
 
SembeeCommented:
The only folders that you have to delete are the ones listed in the KB article.
Did you delete the registry key created as part of 817379? If not that can cause problems.

Simon.
0
 
sasdanielsAuthor Commented:
I did delete registry key . .
0
 
sasdanielsAuthor Commented:
OK
It's back (phew!) - I did steps 1-9 of article and not 10 this time
So back to 817379 and your instructions - let you know
0
 
sasdanielsAuthor Commented:
Hi Simon
Thanks for your patience so far . .
done 817379 again
If I try smartphone with use SSL set to no, in log, I get connecting to internet, connecting to Echange server and then connection established - just hangs though and eventually say connection lost will try 'push' again when connection reestablished.
If I try smartphone with SSL required I get:
0x7370D02 (activeSyncErrTransactionFailed)
Any more ideas for me to try tomorrow?
Andy
0
 
sasdanielsAuthor Commented:
What should be the settings in Microsoft-active-sync folder (virtual directory) be? I notice it is the only folder with no boxes ticked in local path section eg read, write etc
0
 
sasdanielsAuthor Commented:
Hi Simon
I have Microsoft dialled in 4 hrs and 45 mins and counting! I'll let you know . .
ps oma does work
0
 
sasdanielsAuthor Commented:
Hi Simon
Problem was with ISA server which won't support both forms based and basic authentication on one IP address - to be fair I didn't mention ISA server to you - your suggestions were all correct
This website explains a way around the issue
http://www.isaserver.org/tutorials/2004pubowamobile.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.