Email on Nokia E75 to Exchange 2003

Hello,
I have Exchange 2003 single server set as back-end server.  The server is published externally through ISA 2004.  RPC over HTTPs is configured and is working perfect.  I am trying to configure Exchange to serve emails to mobile phone devices.  The device I am trying is Nokia E75.
On Exchange server, I have followed a Microsoft article and I can now browse my email from an internet browser right to the Microsoft-Server-ActiveSync folder.  This works from internal as well external networks.  It also works on my mobile phone browser.
On my mobile phone's email client, I have configured everything, including the CA certificate, which now shows in the list of Authority Certificates.  Also, I can see the request arriving at ISA server as Allowed Connection using the rule I specified (same rule as RPC over HTTPs, with Microsoft-Server-ActiveSync added as a path.) But, nothing returns.  And, there are two cases to consider here:
1 - Setting the "Denied Access" option on the virtual folder as recommended by MS article (except for the IP of the Exchange server itself) returns an error message on the mobile that reads: Server requires secure connection. Change Profile > Connection > Secure Connection to Yes.  In that setting, the Secure Connection option is actually set to Yes.
2 - When I remove that "Denied Access" option, the mobile phone seems to to synchronize but returns nothing, not even an error.
For the record, my domain name for authentication is different from my email domain name.  Also, in Active Directory Users and Computers, I have more than one SMTP email address set for my user account.  However, the email I am trying here is set as the primary email.
Any input is highly appreciated.

Regards
Yba
Yba02Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
My article on Exchange 2003 / Activesync should make sure your server is configured correctly, but as far as ISA goes, I'm not too hot on it, so may not be much use there (well I know how to use Google of course!).

http://www.experts-exchange.com/articles/Software/Server_Software/Email_Servers/Exchange/Exchange-2003-Activesync-Connection-Problems-FAQ.html
0
Yba02Author Commented:
Hello,
I have been doing lots of reading.  It seems that all the roads converge to you.  I have seen your posts here, on msexchange.org, it-eye.co.uk and your blog in the wordpress.com.  This seems good and hopefully would make my life easier.
"I think" I have done the configuration by the book again and again.  www.testexchangeconnectivity.com seems to fail on the same point again and again.  It is always a "Testing the OPTIONS command failed. See Additional Details for more info" error.  The Microsoft link in there refers to an issue with ISA server.  However, that issue is reported on ISA 2000, while I have 2004.  I assume that the error was fixed.  Nevertheless, I am unable to confirm this fact.
Is there a way we can isolate the issue to be either of ISA or Exchange source?  If proved to be ISA, what are your recommendations?

Regards
Yba
0
Alan HardistyCo-OwnerCommented:
I do have one or two roads covered quite well ; )
Can you have a read of the following and check / re-publish your Activesync rule:
http://www.petri.co.il/publishing_owa_with_isa2004.htm
I have a client using ISA 2004 with SBS 2003, so I can check / very settings happily.
To rule out the ISA box (hopefully), download the Activesync Test App mentioned in my article and run it on a PC inside the LAn and test using the LAN option.  This should hopefully bypass the ISA server and should test the settings on the server.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Yba02Author Commented:
Are you referring to the PPC emulator?
0
Alan HardistyCo-OwnerCommented:
This is what I mean:
https://store.accessmylan.com/main/diagnostic-tools
Download the one for your PC.
0
Yba02Author Commented:
I have downloaded the tool.  It seems indeed an Exchange issue.  ISA is not invloved.
"ActiveSync detected, but not correctly configured."
That was the result returned from the tool when checking version of of ActiveSync.  
When that happened, I removed the activesync vritual directory I had and rebuilt it according to this Microsoft article: http://support.microsoft.com/?id=817379.  But still the same.
Here are the settings of the system:
1 - Virtual dirrectory: Microsoft-Server-ActiveSync.
2 - Registery path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MasSync\Parameters
3 - Registry key: ExchangeVDir, type: DWORD, Value: /Microsoft-Server-ActiveSync.
4 - Authentication methods: basic and integrated.
5 - Require Secure Channel (SSL) NOT checked.
Any idea what might be missing?

Regards
Yba
0
Alan HardistyCo-OwnerCommented:
As per my article, the microsoft-server-activesync virtual directory requires Basic Authentication ONLY and SSL should be enabled.
Please check through my article posted above and check all IIS settings carefully, then run iisreset if you make any changes and test again.
0
Yba02Author Commented:
I have discovered too many things.  As they might be irrelevant, I dont see any good in listing them.  However, let us start from this question.
What are the virtual folders invovled in ActiveSync?
For me, they are three: Microsoft-Server-ActiveSync, OMA and Exchange-OMA.  They are in this link:
http://support.microsoft.com/kb/937635.  If that is the case, which one should go into the registry?

Regards
Yba
Note: I have managed to make the tool advance a little bit.  It now halts on an error 403 (disbaled for this user.) I am using my own user and it is not disbaled for activesync.
0
Alan HardistyCo-OwnerCommented:
My article lists the virtual directories involved with Activesync.
If you have Exchange 2003 (not part of SBS), then it is Exchange and Microsoft-Server-Activesync (and exchange-oma if you use Forms Based Authentication).
If you have SBS 2003, then is it Exchange, Microsoft-Server-Activesync, Exchange-OMA and OMA.
The only directory entered via the registry is exchange-oma, but only if you are using Forms Based Authentication.
Run through the IIS settings from my article and check your settings against those.  If you get the 403 error, then my article has recommendations for what to do to resolve those.
0
Yba02Author Commented:
Hi,
I had it working, finally.
There were two parts that you have missed in your article:
1 - On Exchange server, IIS is the operations theatre for Exchange System Manager.  I could not spot the part in your article in which you have mentioned that whatever folders you have in IIS, must have their counterparts in ESM, properly configured for the required purpose.
Actually, you should have started by guiding to configure virtual folders in ESM, not IIS.  If these folders are not in ESM, nothing will work, and this goes to each and every HTTP-dependent Exchange feature, such as OMA, OWA, RPC/HTTP and MAS.
If these virtual directories are properly created in ESM, restarting IIS Admin will create them readily configured in IIS.  This goes on for Exchange-OMA too.  In fact, the only thing I was missing is a virtual directory called Exchange-OMA in my ESM.  Once I manually created that folder, I got everything up and running.
The bottom line is: if you have a VD in IIS, then you must have it in ESM. Otherwise, nothing for that IIS VD will work.
Even for that Microsoft recommendation to create a VD in IIS (Exchange-OMA) to handle non-SSL requests for MAS and OMA folders, you actually do not need that.  Create it in ESM (as SMTP folder and name it Exchange-OMA) and restart IIS Admin service to have in IIS.  The amazing thing here is that once you choose the proper type of service which that VD will server, you do not even need to touch permissions.  Everything comes automatically.  The only thing you want to make sure of is that FBA is not enabled on the HHTP VD in ESM when Exchange-OMA VD is being created.
2 – I have used two testing utilities in this experience.  The one provided by Microsoft (https://www.testexchangeconnectivity.com) and the one in your article.  I do not blame you for this of course but both utilities generate different types of errors WHILE MAS works charmingly.  I know that you have mentioned in your article that MAS can work while error 403 is still being generated.  However, it would have been smoother to the reader to know that they should not entirely depend on these utilities for testing.  The real test is seeing emails flying in their mobile devices.

Awaiting your feedback before closing this thread.

Regards
Yba
0
Alan HardistyCo-OwnerCommented:
There are no virtual folders in Exchange System Manager - what are you referring to?
The Virtual directories are just that - virtual directories.  Some point to folders under the Exchange Program directories, but not under Exchange System Manager, others do not point to physical folders e.g., \\.\BackOfficeStorage\domain.local\MBX.
My Article cannot cater for every eventuality - it does cover the vast majority of problems with simple configurational issues and has helped numerous people, but if your server configuration is seriously misconfigured or missing folders / directories in the Exchange structure, then that would entail a completely different article and is beyond the scope of my article.  It would be impossible to cover every possible problem with Activesync on an Exchange 2003 server, without running through the installation of exchange, the verification that exchange is installed properly, verifying that Windows is installed and configured properly and that would make the article massive!
Can you take some screen shots of what you did and what you are referring to as I am not sure exactly what you are talking about and screen shots would help to clarify your points.
Thanks
Alan
P.S.  I'm happy to make changes to my article if it is helpful to you and others, but need to know what you are talking about first.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Yba02Author Commented:
Hi,
I have not noticed the mistake I have made about "virtual folders".  It was a mistake indeed and thank you for the clarification.
Please substitute the word "folder", whereever it appears, with the word "directory" and read the reply again. We can continue the discussion afterwards :).

Regards
Yba
0
Alan HardistyCo-OwnerCommented:
Best bet if you want to discuss this further is to contact me directly and then we can discuss this off-line, as this is not related to fixing your problem.
If you click my name, you will get to my profile and from there, you will find an email address that you can email me on.
0
Yba02Author Commented:
The solution lacks some parts.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Smartphones

From novice to tech pro — start learning today.