?
Solved

Windows Mobile 6.1 - ActiveSync

Posted on 2009-02-18
4
Medium Priority
?
2,889 Views
Last Modified: 2013-12-05
We use Microsoft ActiveSync to synchronize wireless  mobile devices with Exchange.
We import our own cert and enter the exchange hostname in the mobile devices registry (HKLM\Comm\Tcpip\Hosts).  It works fine if Windows Mobile 5 or 6 is installed.

Just now we have got an new mobile device (htc) with Windows Mobile 6.1 and the configuration is the same as before, but it doesn't work.
It seems that ActiveSync doesn't use the registry entry for our host. If I enter the IP address in the ActiveSync server configuration I can see the firewall  access. Otherwise, if I use the hostname I can't see any firewall access.
Moreover, if I enter the url https://<server name> I get a 404 error, but I get an answer if I use https://<IP address>.

I have tried e.g. the tool HostsFileEditPro.exe, but the result is the same.

What's different in WM 6.1? Has someone a solution for that?

Thanks
0
Comment
Question by:i24
  • 2
  • 2
4 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 23673006
Why are you using a self generated certificate and a hosts file?
It would be far simpler to use an external host name and a commercial SSL certificate. US$30 for a trusted certificate and a lot less hassle.

-M
0
 

Author Comment

by:i24
ID: 23678864
Thank you, Mestha.
Usually you are right, but we have different public and internal domain names. We have to differ these both.
1.  A few devices work productively and I won't change this environment
2. We think the security is higher. You need the certificate and you have to know the host name.
Whatever, it must be possible to use the host name entries with WM 6.1. What has been changed to the versions WM 5 and WM 6?

Best regards
Jean
0
 
LVL 65

Expert Comment

by:Mestha
ID: 23679590
You have different internal and external host names? So. Most sites I work on have that kind of setup. Easily resolved by using a split DNS system.
You don't get security by obscurity. If the server is exposed to the internet then it can be found. Doing what you do slows down any kind of attacker for all of 20 seconds, if that and simply creates more work for yourself.

I don't know if something changed with Windows Mobile 6.1, I am not a developer. I do know there were extensive changes because Windows Mobile 6.1 supports autodiscover setup for Exchange 2007, plus a lot more policy features for that version of Exchange. You may well have to ask Microsoft or go through the technical documentation for the product on MSDN.

-M
0
 

Accepted Solution

by:
i24 earned 0 total points
ID: 23680932
Sorry, my English isn't very good.
Of course it is normal to have different domain names. I know too, that this configuration doesn't help to increase the security against attacks, but it's not so easy for a "normal"  employee to connect to the system with there mobile devices. With this I hoped to avoid a few connections attempts from unauthorized users.
Sometime, I started with this environment for testing with one device and step by step I installed more and more devices in this way. I know, that is the worst way, what I could take, but so it is.
Just know, it is very difficult to reconfigure and test the productive system. But I see I can't avoid it.

Jean
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
It is a real story and is one of my scariest tech experiences. Most users think that IT experts like us know how to fix all computer problems. However, if there is a time constraint and you MUST not fail the task or you will lose your job, a simple …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question