How come some Active Sync clients wiill sync with Exchane 2007 and some wont??

Posted on 2009-05-01
Last Modified: 2013-11-16
I am getting the following error from 2 WM phones(one with 6 and 6.1)  0x80072F0D.  It is saying the cert is invalid.   However, two other treos with WM 6.1 are working fine.  I am reading about intermediate certs on the server?  We have tried all the cert installs on the devices, no go.  
Couple other pieces of information: 

1) when browsing OWA from desktop computer everything works fine but from mobile I'm getting: the data area passed to a system call is too small (122) 

2) the detailed message on the mobile after ActiveSync is: 

The security certificate on the server is not valid.  Contact your Exchange Server administrator or ISP to install a valid certificate on the server. 


Support code: 0x80072F0D 


and again my response to that message is "OWA" is working fine (on desktop PCs) with this certificate, why won't ActiveSync?

Open in new window

Question by:AIT
    LVL 3

    Expert Comment

    You need to import the ROOT certificate for your SSL certificate to the device, not your own certificate. If you go back to the certificate issuer then you should find the root certificate.

    The most reliable method to get it in to the device is to use a cabinet file.

    Error message when you try to synchronize a Windows Mobile-based device by using Exchange
    ActiveSync for Exchange 2003 or for Exchange 2007: "Synchronization failed"

     How to install root certificates on a Windows Mobile-based device

    Hope this helps, thanks,

    Author Comment

    tried those, i actually found the solution here
    "      So here is the next steps I took which resolved the sync issue:
    First I removed any certs that anyone imported into the PDA for this OWA issue.

    On the PC that the PDA can sync to, open a IE window and browse to the OWA server
    Click on the SSL lock icon and view cert path

    On the first cert in the path (it was from User Trust for me), click view cert which opens the cert properties, go to the details tab, and then click copy to file, next, export the cert to the PC using DER encoding
    Copy the cert over to the PDA
    On the PDA click on the cert to import it, this one then showed up in the Root Group
    Next do the above steps for the next cert in the path (this was Network Solutions for me) and any more in the path except the OWA one.
    This 2nd step cert imported into the intermediate group on the PDAs (certs). I looked over my PC's cert store and could not find this one stored anywhere. I had originally did the root Network Soutions which was not the correct one.

    Once these two were on the PDA, I used IE on it to browse again to the OWA website. I was not warned about the SSL being invalid again.

    We had seen that once this is done that the PDA will warn that it must sync to exchange and warns that changes will force the info on the pda to be deleted and synced from
    Exchange therefore changes on the PDA from the time of last sync will be lost.
    My Thoughts
    So the issues we had, it seems that simply exporting what we think needs installed from the PC cert store weren't the right ones. They were only a guess that seemed right based on their names and descriptions and that because they came from the PCs cert store, they may not be properly structured for 3 step cert path. When the certs were on the PDA the first time, their names where shown differently (i.e the Network Solutions one was probably the the wrong one ... installed in the root cert store on PDA but should have been the intermediate one).
    It is best, it appears, to use IEs cert path pop up to proper exporting of the .cer files rather than doing it directly from the PC cert store

    LVL 3

    Accepted Solution

    thats great how ever i thin i directed you to the correct path

    Author Closing Comment

    I actually figured it out before you posted, but sure

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Create high volume marketing opportunities using email signatures with these top 10 DOs and DON'Ts of email signature marketing.
    Easy CSR creation in Exchange 2007,2010 and 2013
    In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now