Exchange 2003 and an iPhone

Orbsol
Orbsol used Ask the Experts™
on
I'm guessing this is something small but I have been tearing my hair out on this for some time and ask for your help.

I have a Windows 2003 SB Server which runs Exchange 2003 for a small company. All aspects of email work perfectly. However I have a worker that travels a lot with a laptop and an iPhone. After much reading trial and error I have setup his laptop using Outlook and RPC over HTTPS. It works great, but I am very stuck getting his iPhone to sync.

Using a very useful website (https://www.testexchangeconnectivity.com/) it passes all tests in the ActiveSync section except the very last one when the sync command is issued. According to the site, this means that I am either forcing SSL on the Exchange virtual directory in IIS or I am using forms authentication. As far as I can tell, neither is the case. When I try and use the iPhone, I get no errors. It says it has connected and that the last sync took place at X time on Y date, but no email is appears in the inbox.

Can anyone please list the settings I need to have on each of IIS the virtual directories or offer an other advice?

Thanks.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi,

I had a similar problem which was fixed by purchasing a security certificate.
see: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_23421726.html

Hope that helps

Author

Commented:
I appreciate your comment, but the cert is not the problem. I use a self signed cert but I have told the phone to trust that, just like I told Outlook to trust it. The problem occurs with the actual sync.

Author

Commented:
I have fiddled a bit and now it is failing in a different place. See results below. The OPTIONS command used to pass and it would fail on the FOLDERSYNC command, but something I have done has broken this now. :-(

      Testing Exchange ActiveSync
       Exchange ActiveSync test Failed
       
      Test Steps
       
      Attempting to resolve the host name xxxxxx.xxxxxx.com in DNS.
       Host successfully resolved
       
      Additional Details
       IP(s) returned: xxx.xxx.xxx.xxx
      Testing TCP Port 443 on host xxxxxx.xxxxxxx.com to ensure it is listening and open.
       The port was opened successfully.
      Testing SSL Certificate for validity.
       The certificate passed all validation requirements.
       
      Test Steps
       
      Validating certificate name
       Successfully validated the certificate name
       
      Additional Details
       Found hostname xxxxxx.xxxxxxx.com in Certificate Subject Common name
      Testing certificate date to ensure validity
       Date Validation passed. The certificate is not expired.
       
      Additional Details
       Certificate is valid: NotBefore = 12/29/2009 10:44:12 AM, NotAfter = 12/29/2014 10:44:12 AM"
      Testing Http Authentication Methods for URL https://xxxxxx.xxxxxx.com/Microsoft-Server-Activesync/
       Http Authentication Methods are correct
       
      Additional Details
       Found all expected authentication methods and no disallowed methods. Methods Found: Basic
      Attempting an ActiveSync session with server
       Errors were encountered while testing the ActiveSync session
       
      Test Steps
       
      Attempting to send OPTIONS command to server
       Testing the OPTIONS command failed. See Additional Details for more info
       
      Additional Details
       A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Awarded 2009
Top Expert 2010
Commented:
I would recommend havig a read of alanhardisty's FAQ: http://www.it-eye.co.uk/faqs/readQuestion.php?qid=1

it solves most problems and I it doesn't come back and I can help further.
Awarded 2009
Top Expert 2010

Commented:
A 401 error is either bad IIS settings which the FAQ will help you with or a bad username/password

Author

Commented:
dezmaster, that FAQ is excellent and I have bookmarked it for future but it has not solved the problem yet. Strangely the the tool they reommend to use passes the test (it tells me the cert is self-signed, but I knew that).

Testing xxxxxx.xxxxxxx.com (SSL, On Internet):

Communications:
      Doing DNS lookup on xxxxxxx.xxxxxxxx..com  OK (xxx.xxx.xxx.xxx)
      Testing TCP to xxx.xxx.xxx.xxx port 443 ... OK
SSL Certificate:
      Receiving ................................ OK
      Ensuring not Self-Signed ................. FAIL
      Verifying certificate .................... FAIL
ActiveSync:
      Checking for application ................. OK
      Checking version ......................... OK (6.5.7638.1)
      Checking protocols ....................... OK (1.0,2.0,2.1,2.5)
User Permissions:
      Checking "domain/user" .................. OK

Result:
      ActiveSync IS available but the certificate is not trusted.

Do you think it is worth removing IIS and reinstalling it?

Author

Commented:
Additionally, I have now borrowed and Android phone and this syncs perfectly. I'm wondering now whether perhaps this is an iPhone problem and not the server at all?
Awarded 2009
Top Expert 2010

Commented:
On the iphone, rremove the Exchange account, power cycle the phone and then add the account again.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
What results do you get from the test site referenced in my FAQ that Demazter posted?

https://testexchangeconnectivity.com

If the tests pass, Activesync should be working.

When you setup the Exchange account on the iPhone, do you click Accept on the certificate prompt?

Author

Commented:
demazter, the guy who owns the phone is out at the moment but will try that when he returns.

alanhardisty for those results, see my comment #26444079.
Awarded 2009
Top Expert 2010

Commented:
If it works on the droid and activesync test passes then it will work on the iPhone, just with all the fiddling it's always best to get a good fresh start.
Alan HardistyCo-Owner
Top Expert 2011
Commented:
Okay - was not sure if it had moved on from there.

401 is a bad username / password usually.  What details are you using on the iPhone when setting it up?

Username should just be username not domain\username.

Domain is the netbios domain name e.g., yourdomain not yourdomain.local

Password should be self explanatory.

Author

Commented:
Yes I did use those as you describe on the phone. But on https://www.testexchangeconnectivity.com/ you have to put domain\user

I'm hoping that the FAQ has done the trick but I'll know more when I try again.

Thanks guys.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Typically, the iPhone and Windows mobile don't use Domain\username but the test website does.

Fingers crossed it all work when you can configure the phone again.

Author

Commented:
Hi guys, I have no idea which bit of the FAQ did it but it is working. Although demazter gave me the solution I had to award something to alanhardisty for writing the FAQ in the first place. I hope that is OK?

Thank you both so much.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
No complaints from me - I am sure Demazter won't be upset ;-)
Glad it is working and appreciate the points.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial