Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to get Active Synch to work for a child Domain.

Posted on 2008-11-12
14
Medium Priority
?
245 Views
Last Modified: 2012-05-05
WE ahve one domain that most users are in and everythig is working fine.  But we do have a child domain that has its own exchange system.  The exchange in the master domain is 2007 while the system in the child domain is 2003.  We now have requests from users in the child domain that want to start using active synch.  OWA works fine for them but I can not seem to get active synch to work.  Any ideas or tricks that I need  to know about to get this working.
0
Comment
Question by:L_P_Loudan
  • 7
  • 7
14 Comments
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22945394
Do you have the certificate installed on the devices that are trying to access ActiveSync?
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22945421
I jumped the gun a little bit there...

So you have OWA working just fine, I assume by navigating to mail.child.domain.com ? Are you trying to use SSL or Non-SSL for the ActiveSync setup? If you are using SSL, do you have the appropriate certificates installed on the mobile device? Do you have the proper ports (80 or 443) forwarded through the firewall?
0
 

Author Comment

by:L_P_Loudan
ID: 22945444
I have not installe dthe certs on the device, I will try that tomorrow and let you know.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22945463
Ok, if it is a self signed certificate then you will also have to install the root certificate of the issuing CA on the device.
0
 

Author Comment

by:L_P_Loudan
ID: 22945606
we have the cert on the CA server in the master domain and for users in that domain we do not need to install the cert on the device.  When we were on 2003 on both domains we had to install the cert on the device.  do you think I need to install the cert on the device that connects to the child domain or do i need another cert for the child domain.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22945651
Your comment is worded in a confusing matter to me.

If you are using a self signed certificate to secure Exchange then you are going to have to add THAT certificates issuing CA to the Trusted Root Certification Authorities on the mobile device.

So if you visit https://mail.child.domain.com/exchange and take a look at the certificate that is used to secure OWA, whatever CA issued THAT certificate is the one that you want to install on the device.
0
 

Author Comment

by:L_P_Loudan
ID: 22945664
No we purchased a cert for the new CA server for OWA and active synch.  this way the cert seem sot be pushed to the device.  on the old way we had to install the cert on each device that wanted to conenct to active synch.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22945700
Are you trying to say that you purchased a certificate from GoDaddy or VeriSign (or other) and used THAT to secure OWA?
0
 

Author Comment

by:L_P_Loudan
ID: 22950262
yes, that is what I am saying.  
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22952282
What address (you can change the domain name for security reasons) do you use to access OWA on the child domain? When you access OWA via HTTPS, what is the exact name of the server that the certificate is "Issued To" and "Issued By"? Do you receive any certificate errors?
0
 

Author Comment

by:L_P_Loudan
ID: 22952358
the web address is OWA.domain.com.  We use that same address for active synch.  The user in the child domain use the same address for OWA and it works but it does not work for Active Synch.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22952677
Are their any errors that appear either in the mobile device or on Exchange server's event logs?
0
 

Author Comment

by:L_P_Loudan
ID: 22989576
no erros, it jsut does not connect.
0
 

Accepted Solution

by:
L_P_Loudan earned 0 total points
ID: 23185975
Finally called Microsoft and it turns out that I needed to have the Intergrated Windows Authentication checked on the Active Server Web page so that the CAS in Dallas cold talk to it.  Now everything is working fine.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question