• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 989
  • Last Modified:

How can I push Exchange 2007 mail to iPhone without OWA or an external Active-Sync URL?

I need for our Exchange 2007 to push mail to a couple of iPhones. We do not use OWA or have an external Active-Sync URL. Is there a way to do this?
0
KristofferW
Asked:
KristofferW
1 Solution
 
Justin OwensITIL Problem ManagerCommented:
If you have Outlook Anywhere configured to use RPC over HTTP you should be able to get your iPhone to work with it.  Is this an option for you?

Justin
0
 
MidnightOneCommented:
Without OWA and ActiveSync, I don't see that happening easily. The only other way I can think of is to allow IMAP connections from the internet - and that's a dumb idea because IMAP and POP are inherently insecure.
0
 
MesthaCommented:
"If you have Outlook Anywhere configured to use RPC over HTTP you should be able to get your iPhone to work with it.  Is this an option for you?"

That is just wrong.

Outlook Anywhere has NOTHING to do with ActiveSync. Nothing at all. It is a feature exclusively for Outlook.

You only have two choices. Neither of them involve OWA.

- ActiveSync.
- IMAP.

Of the two, only ActiveSync is really a valid solution. IMAP is very poor.

Why can't you use ActiveSync?

Simon.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
KristofferWAuthor Commented:
We can. I am just not familiar enough with it to make it work. I noticed that it did not have an external URL. Is that necessary for this to work?
0
 
MesthaCommented:
You need to have an external URL configured. However if you aren't using OWA then there is a good chance that it will not work.

The external URL should be set in the format of https://host.example.com/Microsoft-Server-ActiveSync

Test it with a test account and the Microsoft test site:
https://testexchangeconnectivity.com/

Simon.
0
 
KristofferWAuthor Commented:
Mestha, thank you for the information. The link is very useful. It seems to be working until it gets to the "Attempting to locate SRV record _autodiscover._tcp.mtownbank.com in DNS." step.
0
 
MesthaCommented:
That isn't an error so to speak. Autodiscover SRV records is an alternative way of autodiscover doing its thing. The process should have continued. Exchange ActiveSync should still have attempted a connection - if you provided it with the relevant information.

Simon.
0
 
KristofferWAuthor Commented:
Below are the results from the test. It says that connection failed.
Testing Exchange ActiveSync 
 Exchange ActiveSync test Failed
 Test Steps
 Attempting AutoDiscover and Exchange ActiveSync Test (if requested)
 Failed to test AutoDiscover for Exchange ActiveSync 
 Test Steps
 Attempting each method of contacting the AutoDiscover Service
 Failed to contact the AutoDiscover service successfully by any method
 Test Steps
 Attempting to test potential AutoDiscover URL https://mtownbank.com/AutoDiscover/AutoDiscover.xml
 Failed testing this potential AutoDiscover URL
 Test Steps
 Attempting to resolve the host name mtownbank.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 12.145.177.103 

Testing TCP Port 443 on host mtownbank.com to ensure it is listening and open.
 The port was opened successfully.
Testing SSL Certificate for validity.
 The SSL Certificate failed one or more certificate validation checks.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with remote host
Exception Details:
Message: Authentication failed because the remote party has closed the transport stream.
Type: System.IO.IOException
Stack Trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRca.Tests.SSLCertificateTest.PerformTestReally()




Attempting to test potential AutoDiscover URL https://autodiscover.mtownbank.com/AutoDiscover/AutoDiscover.xml
 Failed testing this potential AutoDiscover URL
 Test Steps
 Attempting to resolve the host name autodiscover.mtownbank.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 97.64.131.74 

Testing TCP Port 443 on host autodiscover.mtownbank.com to ensure it is listening and open.
 The port was opened successfully.
Testing SSL Certificate for validity.
 The SSL Certificate failed one or more certificate validation checks.
 Test Steps
 Validating certificate name
 Certificate name validation failed
  Tell me more about this issue and how to resolve it
 Additional Details
 Host name autodiscover.mtownbank.com does not match any name found on the server certificate CN=mbtexc 





Attempting to contact the AutoDiscover service using the HTTP redirect method.
 Failed to contact AutoDiscover using the HTTP Redirect method
 Test Steps
 Attempting to resolve the host name autodiscover.mtownbank.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 97.64.131.74 

Testing TCP Port 80 on host autodiscover.mtownbank.com to ensure it is listening and open.
 The port was opened successfully.
Checking Host autodiscover.mtownbank.com for an HTTP redirect to AutoDiscover
 Failed to get an HTTP redirect response for AutoDiscover
 Additional Details
 An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: <html><head><title>Error</title></head><body><head><title>Secure Channel Required</title></head> <body><h1>Secure Channel Required</h1>This Virtual Directory requires a browser that supports the configured encryption options.</body></body></html> 



Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
 Failed to contact AutoDiscover using the DNS SRV redirect method.
 Test Steps
 Attempting to locate SRV record _autodiscover._tcp.mtownbank.com in DNS.
 Failed to find AutoDiscover SRV record in DNS.
  Tell me more about this issue and how to resolve it

Open in new window

0
 
MesthaCommented:
That is the autodiscover test that is failing. You don't have your SSL certificate setup correctly with all of the required names involved.

Autodiscover will often fail on some of the tests because it makes attempts to connect in more than one way. Only one has to work. The others do not. In your case nothing works.

Was that the ActiveSync test that you were trying to test?

Simon.
0
 
KristofferWAuthor Commented:
Yes, that was the ActiveSync test. I am working on getting a certificate. That too is kind of new to me.
0
 
MesthaCommented:
I have instructions for the SSL certificate deployment on my blog here:
http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

Simon.
0
 
KristofferWAuthor Commented:
Thank you Simon. Your blog is very useful. I have finally downloaded our SSL certificate and will try to deploy it this afternoon. I will let you know how it goes.
0
 
KristofferWAuthor Commented:
I'm sorry for the delay is getting back on here. We finally have gotten this issue solved using Simon's blog and the links therin. Thank you so much for the help and I will assign points now.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now