Solved

How do I configure IIS so iphones can connect?

Posted on 2009-04-14
10
736 Views
Last Modified: 2012-05-06
Running Server 2003 standard SP 2 and Exchange 2003 SP2.  


Been working on this for hours and I can still cant get it to work.  i think I messed up my IIS so much, I reinstalled it from scratch bugoing through this steps. Resetting the default virtual directories.  Done that succesfully and restarted the exchange server.  Email works fine.  Web outlook works fine.   but when i try to get our iphones to sync with the server it gets "Connection to server failed"

This is a NEW email server and the iphones synced fine for a few days.  On their iphones, whether SSL was on or off, it still worked.  (already migrated the certificate to the new server)  however, when I was trying to configure RPC over HTTP so our remote users can get their email through their outlook, that's when I messed up the IIS.

Now IIS virtual directories are restored.

Please help! :)

0
Comment
Question by:chudkllr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 9

Expert Comment

by:tl121000
ID: 24143594
need to creat another VD and set a registry key setting
http://support.microsoft.com/kb/817379
check out  section --> Create a secondary virtual directory for Exchange server  
 
0
 
LVL 65

Accepted Solution

by:
Mestha earned 150 total points
ID: 24143641
The iPhone is a very poor implementation of ActiveSync and makes it hard to troubleshoot what is actually happening. If the server is exposed to the internet then use a test account and the Microsoft test site:

https://testexchangeconnectivity.com/

That will show you whether things are working correctly or not and should give you some troubleshooting tips.

If you need to deploy the changes in 817379 then that should be logged in the server's event log.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24143773
This is what I got.  I just change the real domain name for security

------



      Test Steps
       
      Attempting to Resolve the host name swaymail.swaystudio.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host (mail.mydomain.com) to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=swaymail.swaystudio.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing SSL mutual authentication with RPC Proxy server
       Successfully verified Mutual Authentication
      Additional Details
       Certificate common name mail.mydomain.com matches msstd:mail.mydomain.com
      Testing Http Authentication Methods for URL https://mail.mydomain.com/rpc/rpcproxy.dll
       Http Authentication Test failed
      Additional Details
       A Web Exception occured because an HTTP 404 - NotFound response was received from IIS6
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:chudkllr
ID: 24143796
Oh wait, sorry  that was the test for Microsoft Office Outlook 2003 RPC/HTTP Connectivity Test

This is what I got for the active sync test

      Testing Exchange Activesync for host mail.mydomain.com
       Exchange Activesync test Failed
      Test Steps
       
      Attempting to Resolve the host name mail.mydomain.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host mail.mydomain.com to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=mail.mydomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing Http Authentication Methods for URL https://mail.mydomain.com/Microsoft-Server-Activesync/
       Http Authentication Methods are correct
      Additional Details
       Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="mail.mydomain.com"
      Attempting an Activesync session with server
       Errors were encountered while testing the ActiveSync session
      Test Steps
       
      Attempting to send OPTIONS command to server
       OPTIONS response was successfully received and is valid
      Additional Details
       Headers received: Connection: close Pragma: no-cache Public: OPTIONS, POST Allow: OPTIONS, POST MS-Server-ActiveSync: 6.5.7638.1 MS-ASProtocolVersions: 1.0,2.0,2.1,2.5 MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping Content-Length: 0 Date: Wed, 15 Apr 2009 00:05:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
      Attempting FolderSync command on ActiveSync session
       FolderSync command test failed

0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 150 total points
ID: 24147426
The first thing is that I don't think the iPhone trusted the RapidSSL certificates. I know that Windows Mobile does not. Therefore you may well have problems ongoing when it comes to deployment.

Change the authentication setting on the Microsoft-Server-ActiveSync virtual directory in IIS manager from Basic to Integrated. Then run IISRESET for the change to take effect and test again.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24151482
Hey Simon.  I tried that and still no iphone love. :(

on our previous Exchange, the IIS config for MS Activesync was

Enable anonymous access was checked and the rest were clear.  I copied the same config and still it won't work :(

 
0
 
LVL 17

Assisted Solution

by:JohnGerhardt
JohnGerhardt earned 100 total points
ID: 24151875
Hi Chudkllr,
I second what MEstha has said about the RapidSSL note being a trusted root for the iPhone. I have seen a nuber of similiar EE questions with people and RapidSSL certs.
Can you confirm that you aren't using Forms Based Auth for OWA.. As this can cause troubles..
0
 

Author Comment

by:chudkllr
ID: 24152567
Yes the Forms Based Auth is clear. (unchecked) on ESM under Protocols - HTTP - Exchange Virtual Server Propertis - Settings tab.
0
 
LVL 9

Expert Comment

by:tl121000
ID: 24164200
Did you bother trying http://support.microsoft.com/kb/817379?
 
  • In addition a simple and affordable Go Daddy certificate will work.
0
 

Expert Comment

by:thorptech
ID: 32967166
Hi Chudkllr,

I'm having the same problem.  Did you find a fix?

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name (domain name) in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: (ip)

Testing TCP Port 443 on host (domain name) to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname (domain name) in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your phone running out of space to hold pictures?  This article will show you quick tips on how to solve this problem.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses
Course of the Month7 days, 13 hours left to enroll

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question