Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How do I configure IIS so iphones can connect?

Posted on 2009-04-14
10
Medium Priority
?
755 Views
Last Modified: 2012-05-06
Running Server 2003 standard SP 2 and Exchange 2003 SP2.  


Been working on this for hours and I can still cant get it to work.  i think I messed up my IIS so much, I reinstalled it from scratch bugoing through this steps. Resetting the default virtual directories.  Done that succesfully and restarted the exchange server.  Email works fine.  Web outlook works fine.   but when i try to get our iphones to sync with the server it gets "Connection to server failed"

This is a NEW email server and the iphones synced fine for a few days.  On their iphones, whether SSL was on or off, it still worked.  (already migrated the certificate to the new server)  however, when I was trying to configure RPC over HTTP so our remote users can get their email through their outlook, that's when I messed up the IIS.

Now IIS virtual directories are restored.

Please help! :)

0
Comment
Question by:chudkllr
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 9

Expert Comment

by:tl121000
ID: 24143594
need to creat another VD and set a registry key setting
http://support.microsoft.com/kb/817379
check out  section --> Create a secondary virtual directory for Exchange server  
 
0
 
LVL 65

Accepted Solution

by:
Mestha earned 450 total points
ID: 24143641
The iPhone is a very poor implementation of ActiveSync and makes it hard to troubleshoot what is actually happening. If the server is exposed to the internet then use a test account and the Microsoft test site:

https://testexchangeconnectivity.com/

That will show you whether things are working correctly or not and should give you some troubleshooting tips.

If you need to deploy the changes in 817379 then that should be logged in the server's event log.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24143773
This is what I got.  I just change the real domain name for security

------



      Test Steps
       
      Attempting to Resolve the host name swaymail.swaystudio.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host (mail.mydomain.com) to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=swaymail.swaystudio.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing SSL mutual authentication with RPC Proxy server
       Successfully verified Mutual Authentication
      Additional Details
       Certificate common name mail.mydomain.com matches msstd:mail.mydomain.com
      Testing Http Authentication Methods for URL https://mail.mydomain.com/rpc/rpcproxy.dll
       Http Authentication Test failed
      Additional Details
       A Web Exception occured because an HTTP 404 - NotFound response was received from IIS6
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:chudkllr
ID: 24143796
Oh wait, sorry  that was the test for Microsoft Office Outlook 2003 RPC/HTTP Connectivity Test

This is what I got for the active sync test

      Testing Exchange Activesync for host mail.mydomain.com
       Exchange Activesync test Failed
      Test Steps
       
      Attempting to Resolve the host name mail.mydomain.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host mail.mydomain.com to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=mail.mydomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing Http Authentication Methods for URL https://mail.mydomain.com/Microsoft-Server-Activesync/
       Http Authentication Methods are correct
      Additional Details
       Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="mail.mydomain.com"
      Attempting an Activesync session with server
       Errors were encountered while testing the ActiveSync session
      Test Steps
       
      Attempting to send OPTIONS command to server
       OPTIONS response was successfully received and is valid
      Additional Details
       Headers received: Connection: close Pragma: no-cache Public: OPTIONS, POST Allow: OPTIONS, POST MS-Server-ActiveSync: 6.5.7638.1 MS-ASProtocolVersions: 1.0,2.0,2.1,2.5 MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping Content-Length: 0 Date: Wed, 15 Apr 2009 00:05:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
      Attempting FolderSync command on ActiveSync session
       FolderSync command test failed

0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 450 total points
ID: 24147426
The first thing is that I don't think the iPhone trusted the RapidSSL certificates. I know that Windows Mobile does not. Therefore you may well have problems ongoing when it comes to deployment.

Change the authentication setting on the Microsoft-Server-ActiveSync virtual directory in IIS manager from Basic to Integrated. Then run IISRESET for the change to take effect and test again.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24151482
Hey Simon.  I tried that and still no iphone love. :(

on our previous Exchange, the IIS config for MS Activesync was

Enable anonymous access was checked and the rest were clear.  I copied the same config and still it won't work :(

 
0
 
LVL 17

Assisted Solution

by:JohnGerhardt
JohnGerhardt earned 300 total points
ID: 24151875
Hi Chudkllr,
I second what MEstha has said about the RapidSSL note being a trusted root for the iPhone. I have seen a nuber of similiar EE questions with people and RapidSSL certs.
Can you confirm that you aren't using Forms Based Auth for OWA.. As this can cause troubles..
0
 

Author Comment

by:chudkllr
ID: 24152567
Yes the Forms Based Auth is clear. (unchecked) on ESM under Protocols - HTTP - Exchange Virtual Server Propertis - Settings tab.
0
 
LVL 9

Expert Comment

by:tl121000
ID: 24164200
Did you bother trying http://support.microsoft.com/kb/817379?
 
  • In addition a simple and affordable Go Daddy certificate will work.
0
 

Expert Comment

by:thorptech
ID: 32967166
Hi Chudkllr,

I'm having the same problem.  Did you find a fix?

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name (domain name) in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: (ip)

Testing TCP Port 443 on host (domain name) to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname (domain name) in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
This article summarizes the problem of addictive cell phone usage that college students across the country are facing. It covers the issues with obsessive cell phone addiction, reasons why this is happening, and what we can do to solve this problem.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month13 days, 21 hours left to enroll

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question