Solved

TMG/Exchange2010: Need help publishing activesync

Posted on 2011-02-15
4
2,355 Views
Last Modified: 2012-05-11
Hi all,

I'm new to this so please bear with me :)

Bottom line: I can't make my company iPhones connect to my newly installed Exchange 2010 and TMG 2010 (on WinSrv2008R2).

I have 3 servers in my small company:

1. DC (SVDC)
2. Exchange 2010 Std (SVEXCHANGE)
3. Forefront 2010 (SVTMG)

All servers are of course updated with all from windowsupdate.

Since I have no certificate on my exchange server, I disabled SSL on the "default web site" (this worked fine with OWA and I disabled it too on "Microsoft-Server-ActiveSync". I know the risk of not using SSL between TMG and Exchange.

I've used the "Exchange Webclient Access Publishing Rule" to publish the active sync.

When I try to connect from my iPhone, I get the following TMG log:

Failed Connection Attempt SVTMG 15-02-2011 17:24:55
Log type: Web Proxy (Reverse)
Status: 0x80090325  
Rule: MAIL - ActiveSync Clients
Source: External (my_home_ip:40561)
Destination: Local Host (SVEXCHANGE 10.0.0.4:443)
Request: OPTIONS http://activesync.mydomain.dk/Microsoft-Server-ActiveSync 
Filter information: Req ID: 0a07c9a9; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=yes, logged off=no, client type=unknown, user activity=yes
Protocol: https
User: anonymous
 Additional information
Client agent: Apple-iPhone3C1/803.148
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x8 (Request includes the AUTHORIZATION header.)
Processing time: 1 MIME type:

It seams like it is trying to log on anonymously?

I'm not sure where it goes wrong and how to proceed.

I need your help desperately!

Thanks!

:)
Mojo
0
Comment
Question by:M_O_J_O
  • 3
4 Comments
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 34899409
This issue seems to be Forefront 2010 (SVTMG)

http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_20970817.html

Also i would suggest you to please check SSL permission.

1) Autodiscover: Basic and Integrated authentication   SSL Optional
2) EWS : Integrated authentication                     SSL Optional
3) Exadmin : Basic and Integrated authentication       NO SSL
4) Exchange : Basic and Integrated authentication      SSL Optional
5) Exchweb : Basic and Integrated authentication       NO SSL
6) Microsoft-Server-ActiveSync: Basic authentication   SSL Optional
7) OAB : Integrated authentication                     SSL Optional
8) OWA : Basic authentication                          SSL Optional
9) Public : Basic and Integrated authentication        SSL Optional
0
 

Author Comment

by:M_O_J_O
ID: 34899451
Hi SatyaPathak,

Thank you for helping me out here!!

Checking SSL permission ... is that on the IIS on the Exchange server?

Thx!

:)
0
 

Accepted Solution

by:
M_O_J_O earned 0 total points
ID: 34904549
My solution was the same as http://www.experts-exchange.com/Apple/Hardware/iPhone/Q_24933916.html

In Active Directory Users and Computers right click on the user and select properties then under the security tab and advanced make sure the box is checked for inheritable permissions.
0
 

Author Closing Comment

by:M_O_J_O
ID: 34936645
Found solution (se above)
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now