Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How come some Active Sync clients wiill sync with Exchane 2007 and some wont??

Posted on 2009-05-01
4
Medium Priority
?
441 Views
Last Modified: 2013-11-16
I am getting the following error from 2 WM phones(one with 6 and 6.1)  0x80072F0D.  It is saying the cert is invalid.   However, two other treos with WM 6.1 are working fine.  I am reading about intermediate certs on the server?  We have tried all the cert installs on the devices, no go.  
Couple other pieces of information: 
1) when browsing OWA from desktop computer everything works fine but from mobile I'm getting: the data area passed to a system call is too small (122) 
2) the detailed message on the mobile after ActiveSync is: 
The security certificate on the server is not valid.  Contact your Exchange Server administrator or ISP to install a valid certificate on the server. 
  
Support code: 0x80072F0D 
  
and again my response to that message is "OWA" is working fine (on desktop PCs) with this certificate, why won't ActiveSync?

Open in new window

0
Comment
Question by:AIT
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Sourabh-Excahnge
ID: 24283472
You need to import the ROOT certificate for your SSL certificate to the device, not your own certificate. If you go back to the certificate issuer then you should find the root certificate.

The most reliable method to get it in to the device is to use a cabinet file.
http://www.amset.info/pocketpc/certificates.asp

Error message when you try to synchronize a Windows Mobile-based device by using Exchange
ActiveSync for Exchange 2003 or for Exchange 2007: "Synchronization failed"
http://support.microsoft.com/kb/927465

 How to install root certificates on a Windows Mobile-based device
http://support.microsoft.com/kb/915840/

Hope this helps, thanks,
0
 

Author Comment

by:AIT
ID: 24283491
tried those, i actually found the solution here
"      So here is the next steps I took which resolved the sync issue:
First I removed any certs that anyone imported into the PDA for this OWA issue.

On the PC that the PDA can sync to, open a IE window and browse to the OWA server
Click on the SSL lock icon and view cert path

On the first cert in the path (it was from User Trust for me), click view cert which opens the cert properties, go to the details tab, and then click copy to file, next, export the cert to the PC using DER encoding
Copy the cert over to the PDA
On the PDA click on the cert to import it, this one then showed up in the Root Group
Next do the above steps for the next cert in the path (this was Network Solutions for me) and any more in the path except the OWA one.
This 2nd step cert imported into the intermediate group on the PDAs (certs). I looked over my PC's cert store and could not find this one stored anywhere. I had originally did the root Network Soutions which was not the correct one.

Once these two were on the PDA, I used IE on it to browse again to the OWA website. I was not warned about the SSL being invalid again.

We had seen that once this is done that the PDA will warn that it must sync to exchange and warns that changes will force the info on the pda to be deleted and synced from
Exchange therefore changes on the PDA from the time of last sync will be lost.
My Thoughts
So the issues we had, it seems that simply exporting what we think needs installed from the PC cert store weren't the right ones. They were only a guess that seemed right based on their names and descriptions and that because they came from the PCs cert store, they may not be properly structured for 3 step cert path. When the certs were on the PDA the first time, their names where shown differently (i.e the Network Solutions one was probably the the wrong one ... installed in the root cert store on PDA but should have been the intermediate one).
It is best, it appears, to use IEs cert path pop up to proper exporting of the .cer files rather than doing it directly from the PC cert store



0
 
LVL 3

Accepted Solution

by:
Sourabh-Excahnge earned 1500 total points
ID: 24283615
thats great how ever i thin i directed you to the correct path
0
 

Author Closing Comment

by:AIT
ID: 31577041
I actually figured it out before you posted, but sure
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question