Solved

Exchange 2003 OMA Problem

Posted on 2009-06-28
11
409 Views
Last Modified: 2013-12-05
Hi All,

I am having a problem with Exchange 2003 SP2 and OMA. If I browse to https://mydomain.com/oma I get the login prompt but when I enter a valid login I get the following error:

A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.

And when I test at https://testexchangeconnectivity.com I get the following error:

Attempting to Resolve the host name mail.mydomain.com in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 0.0.0.0

Testing TCP Port 443 on host mail.mydomain.com to ensure it is listening/open.
 The port was opened successfully.

Testing SSL Certificate for validity.
 The SSL Certificate failed one or more certificate validation checks.
Test Steps
 Validating certificate name
 Successfully validated the certificate name
Additional Details
 Found hostname mail.elizapurton.com.au in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed
 Tell me more about this issue and how to resolve it

Additional Details
 The certificate chain did not end in a trusted root. Root = CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US

The certificate works fine on OWA... any ideas?

Any help would be greatly appreciated.

- Jason
0
Comment
Question by:jayman7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 12

Expert Comment

by:Saakar
ID: 24733732
Hi Jason,

From OMA here I suspect that you are trying to work with Exchange ActiveSync to sync your Windows Mobile Devices with Exchange???

If yes, let's not use OMA because Exchange ActiveSync works with Microsoft-Server-ActiveSync Virtual directory in IIS, we don't even need OMA to work in case if you want to sync your mobile devices with Exchange.

- Dream
0
 

Author Comment

by:jayman7
ID: 24734014
Hi Dream,

Thanks for the response. I am trying to use it with an I-phone, does that need Oma?
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24738151
The root certificates from that issuer are not included in most mobile handhelds. That means the device will not trust the handheld. The usual consequence of that is a repeating authentication prompt.

Simon.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 17

Expert Comment

by:JohnGerhardt
ID: 24739921
Hi jayman7,
https://mail.mydomain.com/OMA should pop up a log in box and should accept your UN and PWD, but it is normal that you get an error when using a web browser after logging in to this virtual directory.
As Simon has pointed out already, untrusted certificates can cause a whole lot of problems with mobile devices and syncing with active sync.
You now have two choices.
  • Change your certificate to a providor that is included in the iPhones trusted roots
  • Backup the iPhone, restore it, then add the email account again. This should make the phone forget anything that it has remember about the account and it's certificate, you will then be asked to accept the certificate and it should work.
0
 
LVL 12

Expert Comment

by:Saakar
ID: 24740438
Hey Jason,

Yes, iPhone uses Exchange ActiveSync, and try switcing off Wi-Fi and then try to configure Exchange ActiveSync, if you have a Public Certificate, it should already be present on iPhone and use OWA url, Username and password, if everthing is set up correctly, iPhone will sync with Exchange will all your mails on the device...

It does not require OMA to work.

- Dream
0
 

Author Comment

by:jayman7
ID: 24741118
Hi,

Thanks for the suggestions.

I added a new account on the iphone with the following settings:

Email: jcitizen@mydomain.com.au
Server: mail.mydomain.com.au (OWA URL)
Domain: mydomain
Username: jcitizen
Password: password
SSL: On

I get a message that says:

Cannot Get Mail
The connection to the server failed

Any ideas?
0
 
LVL 12

Expert Comment

by:Saakar
ID: 24741306
Hi Jason,

1. Did you follwed KB 817379, since you have SSL enabled?
2. Make sure that Exchange VDir in IIS has Windows Integrated Authentication enabled.
3. Check for any Application logs in Event Viewer, please paste the any error from Application logs.

I have a strong feeling that Step 1 should resolve your issue.

- Dream
0
 

Author Comment

by:jayman7
ID: 24742422
Hi Dream,

I checked the event log and this is the event that had been occuring:

Event Type:        Error
Event Source:    Server ActiveSync
Event Category:                None
Event ID:              3029
Date:                     30/06/2009
Time:                    1:44:07 PM
User:                     MYDOMAIN\jcitizen
Computer:          SERVER
Description:
The mailbox server [server.mydomain.local] has its [exchange] virtual directory set to require SSL.  Exchange ActiveSync cannot access the server if SSL is set to be required.  For information about how to correctly configure Exchange virtual directory settings, see Microsoft Knowledge Base article 817379, "Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=817379).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

So I followed KB 817379 and created a virtual directory /ExchangeOMA.

The event has now stopped, however on the I-Phone I still get a message that says:

Cannot Get Mail
The connection to the server failed

My configuration details are now:

Email: jcitizen@mydomain.com.au
Server: mail.mydomain.com.au/ExchangeOMA
Domain: mydomain
Username: jcitizen
Password: password
SSL: Off (or On neither work)

Thanks for the help so far,

- Jason
0
 
LVL 12

Accepted Solution

by:
Saakar earned 500 total points
ID: 24742680
Aaahhh I guess now I got the catch

My configuration details are now:

Email: jcitizen@mydomain.com.au
Server: mail.mydomain.com.au/ExchangeOMA  <- Here you just need the External OWA URL, say for eg: - my external OWA URL is https://mail.contoso.com/exchange
I will just enter mail.contoso.com, no ExchangeOMA or Exchange as well for that matter.

Rest all setting seems to be fine....

Did you tried to remove SSL from the Default Web Site and check without SSL on the device as well.

It might be a certificate issue as well, the intermediate certificate from Equifax Secure Global eBusiness CA-1 might not be present on the device...

Consider checking Exchange ActiveSync without SSL

Good Luck
0
 
LVL 17

Expert Comment

by:JohnGerhardt
ID: 24748201
Great, looks like we are getting there now..!
Can you follow saakar_rao's advice and just put the exchange server FQDN in the servername, nothing else.
Also now try the active sync test @ www.testexchangeconnectivity.com
 
0
 

Author Comment

by:jayman7
ID: 24750542
Woohoo! it works

Thanks a lot for the help

- Jason
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Email is way too noisy, prone to hiding the important stuff, and really becoming unreliable for critical/timely communications. There are better ways to communicate.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question