• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 496
  • Last Modified:

Need help setting up ActiveSync between our mobile devices and Exchange server.

Here's our setup:

Exchange Server 2003 SP2 - no front-end
ISA Server 2000
Trying to sync mobile devices over ActiveSync

Could somoene please assist me in setting this up, or at the very least provide any info to help me get started.
0
Go-GBS
Asked:
Go-GBS
  • 14
  • 11
1 Solution
 
tntmaxCommented:
Do you have an SSL cert? It's not required, but extremely recommended. Are you using OWA? Are you using Forms Based front end for OWA? You cannot require SSL and use Active Sync, and you cannot use Forms Based Authentication and use Active Sync. Purchase a 3rd party certificate if you haven't, then forward port 443 to your Exchange server. After that, it should be pretty straight forward - run through the Active Sync wizard on the phone.
0
 
Go-GBSAuthor Commented:
I am not using an SSL cert, at the moment at least.  I'm not really sure on the OWA or the Forms Based front end, can you explain these a little more?
0
 
edmund7sCommented:
If you you just want to sync over cable it should be very easy make sure you install this
http://www.microsoft.com/windowsmobile/en-us/help/synchronize/activesync45.mspx
and plug in the windows mobile device and you should be set. As long as you set up partnership between the device and the computer.

But if you have data connection through your mobile devices...you may want to sync over the air.  To do that look at these step by step:
http://searchexchange.techtarget.com/generic/0,295582,sid43_gci1249394,00.html

And purchase a third party SSL certificate and it will work better than the self-signed certificate. Godaddy.com has a cheap certificate for 19.99 I think.  That should work out better for you
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
tntmaxCommented:
OWA = Outlook Web Access. Internally, you can type in http://<exchange server name>/owa to get a web interface for your email. Externally, you can type in http://exchange.<external domain name>.com, or whatever DNS name you want. For some clients, we use webmail.domain name.com. It depends on their preference. Get an SSL cert (3 year cert means less maintenance time) and forward port 443 from ISA server to Exchange.
0
 
tntmaxCommented:
and by the way, the second link in edmund7s contains dated information - Active Sync is now up-to-date with Exchange SP 2 (essential to have), and actually, I get the email on my phone before I get it in Outlook... so don't use those steps for Active Sync. Configure Active Sync directly.
0
 
Go-GBSAuthor Commented:
Oh, OWA, not sure why that didn't register with me.  Yes we do have OWA working.  I'll take a look at that link.
0
 
Go-GBSAuthor Commented:
And we do want to sync over the air.
0
 
tntmaxCommented:
does OWA work externally for when you are out of the office? If so, you should have most of the infrastructure in place to do Active Sync. Do you have Exchange SP 2 installed on the server?
0
 
Go-GBSAuthor Commented:
Yes to OWA working outside the office, and yes to Exchange SP2 as well.
0
 
Go-GBSAuthor Commented:
When I try to sync the phone I get an error message, and when I check the logging under IIS this is what I get, this is from a few weeks ago b/c I've been at this for awhile.

2008-10-30 00:25:26 10.1.1.2 PROPFIND /exchange/username@domainname.com/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/PocketPC/2K0Y12F34840B31DAA0004E2F84EMN12 - 80 - 10.1.1.2 Microsoft-Server-ActiveSync/6.5.7638.1 401 2 5

At the point where it specifies the port and IP address, shouldn't it also send the logon credentials?
0
 
tntmaxCommented:
are you doing this over http or https? can you verify that active sync is enabled for the user? (should be by default) how are you activating on the phone?
0
 
Go-GBSAuthor Commented:
It's being done over HTTP.  And yes ActiveSync is enabled for the user as far as I can tell.  Here are each of the steps.

For the domain I put "domain.com" and do not require an SSL, then the username, password, and domain and I set it to save the password, then set it to synchrozine everything.

Just tried again, and the error I get from my phone is "ActiveSync encountered a problem on the server.  The support code is 0x85010014.
0
 
Go-GBSAuthor Commented:
Ok, just found this in the Application Log of our Exchange Server.

Event Type: Error
Event Source: Server ActiveSync
Event Category: None
Event ID: 3031
Description: The mailbox server [%1] does not allow "Negotiate" authentication to its [%2] virtual directory. Exchange ActiveSync can only access the server using this authentication scheme.

Then when I checked this link it had a couple fixes, at this time we don't have a front-end exchange server we can put in, but does method two make sense to do?
0
 
Go-GBSAuthor Commented:
http://support.microsoft.com/kb/817379

Sorry, here's the link I found.
0
 
tntmaxCommented:
It sounds like you have require SSL set. Can you confirm that both Forms Based Authentication is turned off:

http://www.petri.co.il/problems_with_forms_based_authentication_and_ssl_in_activesync.htm
0
 
tntmaxCommented:
use that link to turn off SSL and Forms Based
0
 
tntmaxCommented:
this shows you how to turn on (and consequently off) Forms Based:

http://www.petri.co.il/configuring_forms_based_authentication_in_exchange_2003.htm

Petri's articles are great. Read those for fun and you'll find them quite helpful.
0
 
Go-GBSAuthor Commented:
Forms based is turned off, as well as SSL, we don't require it for our OWA as it's just http.  Any thoughts on the 2nd virtual directory?
0
 
tntmaxCommented:
no, no need, that's only for SSL on one, and HTTP OWA on the other.
0
 
Go-GBSAuthor Commented:
Like I said, we access our OWA using http, but is there a setting that could still be in place that's affecting things?  Is there a definitive setting I could check in regards to SSL?
0
 
Go-GBSAuthor Commented:
I did notice in that petri article, that this can occur when SSL is required, or if integrated windows authentication is not required, which it is not, we only require basic authentication.
0
 
Go-GBSAuthor Commented:
But I see at the bottom of that link someone fixed this problem using treo 700wx smart phones which is what I have, using the same Microsoft article I was referring to.  I'm not sure I follow how the original author fixed his own problem.
0
 
tntmaxCommented:
Any updates on this one? How did you make out? Are you still stuck?
0
 
Go-GBSAuthor Commented:
To be perfectly honest it's been put on the backburner for now, but I didn't want to close the question w/o awarding any points.  We may be replacing the Exchange server soon, so I might wait until that's been done.
0
 
Go-GBSAuthor Commented:
Well I had responded that this project was on hold for now.  Is it possible to reopen this later?
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 14
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now