Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do I configure IIS so iphones can connect?

Posted on 2009-04-14
10
Medium Priority
?
752 Views
Last Modified: 2012-05-06
Running Server 2003 standard SP 2 and Exchange 2003 SP2.  


Been working on this for hours and I can still cant get it to work.  i think I messed up my IIS so much, I reinstalled it from scratch bugoing through this steps. Resetting the default virtual directories.  Done that succesfully and restarted the exchange server.  Email works fine.  Web outlook works fine.   but when i try to get our iphones to sync with the server it gets "Connection to server failed"

This is a NEW email server and the iphones synced fine for a few days.  On their iphones, whether SSL was on or off, it still worked.  (already migrated the certificate to the new server)  however, when I was trying to configure RPC over HTTP so our remote users can get their email through their outlook, that's when I messed up the IIS.

Now IIS virtual directories are restored.

Please help! :)

0
Comment
Question by:chudkllr
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 9

Expert Comment

by:tl121000
ID: 24143594
need to creat another VD and set a registry key setting
http://support.microsoft.com/kb/817379
check out  section --> Create a secondary virtual directory for Exchange server  
 
0
 
LVL 65

Accepted Solution

by:
Mestha earned 450 total points
ID: 24143641
The iPhone is a very poor implementation of ActiveSync and makes it hard to troubleshoot what is actually happening. If the server is exposed to the internet then use a test account and the Microsoft test site:

https://testexchangeconnectivity.com/

That will show you whether things are working correctly or not and should give you some troubleshooting tips.

If you need to deploy the changes in 817379 then that should be logged in the server's event log.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24143773
This is what I got.  I just change the real domain name for security

------



      Test Steps
       
      Attempting to Resolve the host name swaymail.swaystudio.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host (mail.mydomain.com) to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=swaymail.swaystudio.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing SSL mutual authentication with RPC Proxy server
       Successfully verified Mutual Authentication
      Additional Details
       Certificate common name mail.mydomain.com matches msstd:mail.mydomain.com
      Testing Http Authentication Methods for URL https://mail.mydomain.com/rpc/rpcproxy.dll
       Http Authentication Test failed
      Additional Details
       A Web Exception occured because an HTTP 404 - NotFound response was received from IIS6
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:chudkllr
ID: 24143796
Oh wait, sorry  that was the test for Microsoft Office Outlook 2003 RPC/HTTP Connectivity Test

This is what I got for the active sync test

      Testing Exchange Activesync for host mail.mydomain.com
       Exchange Activesync test Failed
      Test Steps
       
      Attempting to Resolve the host name mail.mydomain.com in DNS.
       Host successfully Resolved
      Additional Details
       IP(s) returned: 216.156.167.3
      Testing TCP Port 443 on host mail.mydomain.com to ensure it is listening/open.
       The port was opened successfully.
      Testing SSLCertificate for validity.
       The certificate passed all validation requirements.
      Additional Details
       Subject: CN=mail.mydomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)07, OU=GT33279175, O=mail.mydomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
      Testing Http Authentication Methods for URL https://mail.mydomain.com/Microsoft-Server-Activesync/
       Http Authentication Methods are correct
      Additional Details
       Found all expected authentication methods and no disallowed methods Methods Found: Basic realm="mail.mydomain.com"
      Attempting an Activesync session with server
       Errors were encountered while testing the ActiveSync session
      Test Steps
       
      Attempting to send OPTIONS command to server
       OPTIONS response was successfully received and is valid
      Additional Details
       Headers received: Connection: close Pragma: no-cache Public: OPTIONS, POST Allow: OPTIONS, POST MS-Server-ActiveSync: 6.5.7638.1 MS-ASProtocolVersions: 1.0,2.0,2.1,2.5 MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping Content-Length: 0 Date: Wed, 15 Apr 2009 00:05:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
      Attempting FolderSync command on ActiveSync session
       FolderSync command test failed

0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 450 total points
ID: 24147426
The first thing is that I don't think the iPhone trusted the RapidSSL certificates. I know that Windows Mobile does not. Therefore you may well have problems ongoing when it comes to deployment.

Change the authentication setting on the Microsoft-Server-ActiveSync virtual directory in IIS manager from Basic to Integrated. Then run IISRESET for the change to take effect and test again.

Simon.
0
 

Author Comment

by:chudkllr
ID: 24151482
Hey Simon.  I tried that and still no iphone love. :(

on our previous Exchange, the IIS config for MS Activesync was

Enable anonymous access was checked and the rest were clear.  I copied the same config and still it won't work :(

 
0
 
LVL 17

Assisted Solution

by:JohnGerhardt
JohnGerhardt earned 300 total points
ID: 24151875
Hi Chudkllr,
I second what MEstha has said about the RapidSSL note being a trusted root for the iPhone. I have seen a nuber of similiar EE questions with people and RapidSSL certs.
Can you confirm that you aren't using Forms Based Auth for OWA.. As this can cause troubles..
0
 

Author Comment

by:chudkllr
ID: 24152567
Yes the Forms Based Auth is clear. (unchecked) on ESM under Protocols - HTTP - Exchange Virtual Server Propertis - Settings tab.
0
 
LVL 9

Expert Comment

by:tl121000
ID: 24164200
Did you bother trying http://support.microsoft.com/kb/817379?
 
  • In addition a simple and affordable Go Daddy certificate will work.
0
 

Expert Comment

by:thorptech
ID: 32967166
Hi Chudkllr,

I'm having the same problem.  Did you find a fix?

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name (domain name) in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: (ip)

Testing TCP Port 443 on host (domain name) to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname (domain name) in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question