Solved

How do I configure IIS so iphones can connect?

Posted on 2009-04-14
10
678 Views
Last Modified: 2012-05-06
Running Server 2003 standard SP 2 and Exchange 2003 SP2.  


Been working on this for hours and I can still cant get it to work.  i think I messed up my IIS so much, I reinstalled it from scratch bugoing through this steps. Resetting the default virtual directories.  Done that succesfully and restarted the exchange server.  Email works fine.  Web outlook works fine.   but when i try to get our iphones to sync with the server it gets "Connection to server failed"

This is a NEW email server and the iphones synced fine for a few days.  On their iphones, whether SSL was on or off, it still worked.  (already migrated the certificate to the new server)  however, when I was trying to configure RPC over HTTP so our remote users can get their email through their outlook, that's when I messed up the IIS.

Now IIS virtual directories are restored.

Please help! :)

0
Comment
Question by:chudkllr
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 9

Expert Comment

by:tl121000
ID: 24143594
need to creat another VD and set a registry key setting
http://support.microsoft.com/kb/817379
check out  section --> Create a secondary virtual directory for Exchange server  
 
0
 
LVL 65

Accepted Solution

by:
Mestha earned 150 total points
ID: 24143641
The iPhone is a very poor implementation of ActiveSync and makes it hard to troubleshoot what is actually happening. If the server is exposed to the internet then use a test account and the Microsoft test site:

https://testexchangeconnectivity.com/

That will show you whether things are working correctly or not and should give you some troubleshooting tips.

If you need to deploy the changes in 817379 then that should be logged in the server's event log.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24143773
This is what I got.  I just change the real domain name for security

------



      Test Steps
       
      Attempting to Resolve the host name swaymail.swaystudio.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host (mail.mydomain.com) to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=swaymail.swaystudio.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing SSL mutual authentication with RPC Proxy server
       Successfully verified Mutual Authentication
      Additional Details
       Certificate common name mail.mydomain.com matches msstd:mail.mydomain.com
      Testing Http Authentication Methods for URL https://mail.mydomain.com/rpc/rpcproxy.dll
       Http Authentication Test failed
      Additional Details
       A Web Exception occured because an HTTP 404 - NotFound response was received from IIS6
0
 

Author Comment

by:chudkllr
ID: 24143796
Oh wait, sorry  that was the test for Microsoft Office Outlook 2003 RPC/HTTP Connectivity Test

This is what I got for the active sync test

      Testing Exchange Activesync for host mail.mydomain.com
       Exchange Activesync test Failed
      Test Steps
       
      Attempting to Resolve the host name mail.mydomain.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host mail.mydomain.com to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=mail.mydomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing Http Authentication Methods for URL https://mail.mydomain.com/Microsoft-Server-Activesync/
       Http Authentication Methods are correct
      Additional Details
       Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="mail.mydomain.com"
      Attempting an Activesync session with server
       Errors were encountered while testing the ActiveSync session
      Test Steps
       
      Attempting to send OPTIONS command to server
       OPTIONS response was successfully received and is valid
      Additional Details
       Headers received: Connection: close Pragma: no-cache Public: OPTIONS, POST Allow: OPTIONS, POST MS-Server-ActiveSync: 6.5.7638.1 MS-ASProtocolVersions: 1.0,2.0,2.1,2.5 MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping Content-Length: 0 Date: Wed, 15 Apr 2009 00:05:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
      Attempting FolderSync command on ActiveSync session
       FolderSync command test failed

0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 150 total points
ID: 24147426
The first thing is that I don't think the iPhone trusted the RapidSSL certificates. I know that Windows Mobile does not. Therefore you may well have problems ongoing when it comes to deployment.

Change the authentication setting on the Microsoft-Server-ActiveSync virtual directory in IIS manager from Basic to Integrated. Then run IISRESET for the change to take effect and test again.

Simon.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:chudkllr
ID: 24151482
Hey Simon.  I tried that and still no iphone love. :(

on our previous Exchange, the IIS config for MS Activesync was

Enable anonymous access was checked and the rest were clear.  I copied the same config and still it won't work :(

 
0
 
LVL 17

Assisted Solution

by:JohnGerhardt
JohnGerhardt earned 100 total points
ID: 24151875
Hi Chudkllr,
I second what MEstha has said about the RapidSSL note being a trusted root for the iPhone. I have seen a nuber of similiar EE questions with people and RapidSSL certs.
Can you confirm that you aren't using Forms Based Auth for OWA.. As this can cause troubles..
0
 

Author Comment

by:chudkllr
ID: 24152567
Yes the Forms Based Auth is clear. (unchecked) on ESM under Protocols - HTTP - Exchange Virtual Server Propertis - Settings tab.
0
 
LVL 9

Expert Comment

by:tl121000
ID: 24164200
Did you bother trying http://support.microsoft.com/kb/817379?
 
  • In addition a simple and affordable Go Daddy certificate will work.
0
 

Expert Comment

by:thorptech
ID: 32967166
Hi Chudkllr,

I'm having the same problem.  Did you find a fix?

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name (domain name) in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: (ip)

Testing TCP Port 443 on host (domain name) to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname (domain name) in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now