?
Solved

TMG/Exchange2010: Need help publishing activesync

Posted on 2011-02-15
4
Medium Priority
?
2,374 Views
Last Modified: 2012-05-11
Hi all,

I'm new to this so please bear with me :)

Bottom line: I can't make my company iPhones connect to my newly installed Exchange 2010 and TMG 2010 (on WinSrv2008R2).

I have 3 servers in my small company:

1. DC (SVDC)
2. Exchange 2010 Std (SVEXCHANGE)
3. Forefront 2010 (SVTMG)

All servers are of course updated with all from windowsupdate.

Since I have no certificate on my exchange server, I disabled SSL on the "default web site" (this worked fine with OWA and I disabled it too on "Microsoft-Server-ActiveSync". I know the risk of not using SSL between TMG and Exchange.

I've used the "Exchange Webclient Access Publishing Rule" to publish the active sync.

When I try to connect from my iPhone, I get the following TMG log:

Failed Connection Attempt SVTMG 15-02-2011 17:24:55
Log type: Web Proxy (Reverse)
Status: 0x80090325  
Rule: MAIL - ActiveSync Clients
Source: External (my_home_ip:40561)
Destination: Local Host (SVEXCHANGE 10.0.0.4:443)
Request: OPTIONS http://activesync.mydomain.dk/Microsoft-Server-ActiveSync 
Filter information: Req ID: 0a07c9a9; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=yes, logged off=no, client type=unknown, user activity=yes
Protocol: https
User: anonymous
 Additional information
Client agent: Apple-iPhone3C1/803.148
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x8 (Request includes the AUTHORIZATION header.)
Processing time: 1 MIME type:

It seams like it is trying to log on anonymously?

I'm not sure where it goes wrong and how to proceed.

I need your help desperately!

Thanks!

:)
Mojo
0
Comment
Question by:M_O_J_O
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 34899409
This issue seems to be Forefront 2010 (SVTMG)

http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_20970817.html

Also i would suggest you to please check SSL permission.

1) Autodiscover: Basic and Integrated authentication   SSL Optional
2) EWS : Integrated authentication                     SSL Optional
3) Exadmin : Basic and Integrated authentication       NO SSL
4) Exchange : Basic and Integrated authentication      SSL Optional
5) Exchweb : Basic and Integrated authentication       NO SSL
6) Microsoft-Server-ActiveSync: Basic authentication   SSL Optional
7) OAB : Integrated authentication                     SSL Optional
8) OWA : Basic authentication                          SSL Optional
9) Public : Basic and Integrated authentication        SSL Optional
0
 

Author Comment

by:M_O_J_O
ID: 34899451
Hi SatyaPathak,

Thank you for helping me out here!!

Checking SSL permission ... is that on the IIS on the Exchange server?

Thx!

:)
0
 

Accepted Solution

by:
M_O_J_O earned 0 total points
ID: 34904549
My solution was the same as http://www.experts-exchange.com/Apple/Hardware/iPhone/Q_24933916.html

In Active Directory Users and Computers right click on the user and select properties then under the security tab and advanced make sure the box is checked for inheritable permissions.
0
 

Author Closing Comment

by:M_O_J_O
ID: 34936645
Found solution (se above)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question