SBS2003 Exchange active sync to Sony Ericsson Xperia produces error code 0x85010004

Hi there.

I have one SBS2003 sp2 with exchange sp2 and a brand new SE Xperia X1 mobile phone.

Set up Xperia Outlook account using DYNDNS server adress.
Got error msg indicating that I needed a certificate.
Generated a new cert thru the CEICW wizard just in case, exported it and installed it on the Xperia
Now I'm getting error msg 0x85010004 when running the active sync app on the Xperia and SE X1 support says it is related to "faulty account settings".
When I ask them to be more specific they went hostile on me and told me I couldn't ask them about how to configure my Exchange server, which of course I never did... tum-de-dum...
There seem to be no public Xperia support code reference point.

Googled a bit on 0x85010004 and there seem to be several very different options on this one.
Who is Participating?
cmarandiConnect With a Mentor Commented:
double check the security on the iis...
go to iis
look under websites
each of those virtually directories has a security setting...  right click and go to properties
look at directory security
authentication & access control choose to edit

confirm this is the configuration:  (I got this from a Microsoft support call)
1 Exchange server 2003 Sp2


-      Corrected the permission in IIS for Exchange virtual directories
Default Permissions :

Default Web Site     -   Anonymous
Exadmin                      -   Integrated
Exchange                    -   Basic/integrated
Exchweb                     -   Anonymous
Bin                                 -   Basic/integrated
Auth                             -   Basic/integrated
Usa                               -   Basic/integrated
Active Sync                -   Basic
Oma                             -   Basic
Public                           -   Basic/integrated

-      Uncheck the Enable client certificate mapping from all Exchange virtual directories
IIS manager => expand Web Sites => Rt. Click on Default Web Site => go to Properties => go to Directory security tab => go to the Edit option in Secure communication => and uncheck Enable client certificate mapping  

-      Uncheck the Enable the Windows directory service mapper from the Web Site properties
IIS manager => rt. Click on Web Sites & go to Properties => go to Directory security tab => uncheck the option for Enable the Windows directory service mapper

-      Restarted the IISAdmin service

-      Recreated the profile on the mobile device
After all the above, to recreate the profile, go to active sync, choose menu, choose options, go ahead and elete the profile, then create a new profile.

I had the same error, try this:

1. a. On your Pocket PC 2003-based device, click Start, ActiveSync, Tools, Options, Server and check the box This server uses an SSL connection.
2. On your Smartphone 2003-based device, click Start, ActiveSync, Menu, Options, Server Settings, Connection and check the box This server uses an SSL connection.
3. Verify that host headers are configured correctly.
4. Also, see Microsoft KB Article 817379 for information on configuring the Exchange virtual directory

this is the microsoft article from above:;en-us;817379
ola_erikAuthor Commented:
@ cmarandi:

Thx for posting, I got this:
I found that my exchange virtual dir (OWA) didn't have integrated access authentication enabled.
this is by far the most common prob w active sync

havent checked yet if this solves my prob

one link:

BTW I didn't like your part where I disable cert mapping, It sounds like I'm disabling security features.

guru meditation:
The question remains if Xperia WinMobile 6.1 ActiveSync goes directly to Microsoft-Server-ActiveSync virtual dir (webservice?)  from SSL or if it has to pass through exchange (ie the OWA virtual dir).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.