Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Android phone and Microsoft Exchange Activesync

Posted on 2011-03-10
14
Medium Priority
?
1,109 Views
Last Modified: 2012-05-11
I am trying to sync a Android Motorola Atrix phone with Microsoft Exchange 2003 and I am having no luck.  We do not have a certificate on the server.  OWA on the server is fully operational.  To make OWA work you need to put the full public IP address /exchange as an address for the browser and that gets you in to Outlook Web Access so I don't believe it is security issue.  I either get the message that it cannot connect to the server or a HTTP error 403 message.  Any help would be appreciated.
0
Comment
Question by:captjcret
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
14 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35099917
Please work your way through my article and check your config, run the test, fix any errors and shout if you get stuck anywhere:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35099935
The 403 error usually mean you have to follow KB817379 which is linked to in my article under the HTTP 403 error section and means you have Forms Based Authentication enabled or SSL enabled on the Exchange Virtual Directory and shouldn't.
0
 
LVL 8

Expert Comment

by:praveenkumare_sp
ID: 35103324
do we get 403 on only if we have "Forms Based Authentication enabled or SSL enabled on the Exchange Virtual Directory "  not for anything else is it ??
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 

Author Comment

by:captjcret
ID: 35112400
Ran the connectivity test and it fails at the SSL certificate validation check.  I went through all of the steps in your article and unchecked all secure communications requiring SSL except the exchange virtual directory.  This is a Small Business Server 2003.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35113486
Please post the output from the test site (obscure your domain name / IP Address if you like (or I can do it for you), it will make troubleshooting the problem much easier.

Thanks

Alan
0
 

Author Comment

by:captjcret
ID: 35113528
     ExRCA is testing Exchange ActiveSync.
       The Exchange ActiveSync test failed.
       
      Test Steps
       
      Attempting to resolve the host name mail.bnslawyers.com in DNS.
       The host name resolved successfully.
       
      Additional Details
       IP addresses returned: 207.178.225.118, 207.178.228.126
      Testing TCP port 443 on host mail.bnslawyers.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.bnslawyers.com doesn't match any name found on the server certificate CN=www.bnslawyers.com, CN=companyweb, CN=server, CN=localhost, CN=server.bnslawyers.local.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35113568
Okay - so you access your OWA via mail.domain.com and yet your certificate is for www.domain.com, but www.domain.com is not hosted on your own server

So the first step is to create a new certificate for mail.domain.com and then you will get further in the test as the FQDN you use for Activesync (e.g., mail.domain.com), has to match the name on the certificate, or the name on the certificate has to match the FQDN you use to connect via Activesync with.

As you have SBS 2003 - please follow the SL section of my article for details of how to create a new certificate (very easily):

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html
0
 

Author Comment

by:captjcret
ID: 35117118
Where would you recommend I get a certificate? We currently are not using one.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35117173
You are using a certificate.  It is the SBS self issued certificate.

Re-run the connect to the Internet Wizard from Start> Server Management> To Do List, change nothing until you get to the certificate part and then chose to create a new certificate using mail.domain.com and then complete the wizard.

That will create and install a new certificate for you with the correct name.
0
 

Author Comment

by:captjcret
ID: 35117316
That helped me get past the SSL part of the connectivity test.  Now it stops here:

 ExRCA is testing Exchange ActiveSync.  
  The Exchange ActiveSync test failed.
   Test Steps
   Attempting to resolve the host name mail.bnslawyers.com in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: 207.178.225.118, 207.178.228.126
 
 Testing TCP port 443 on host mail.bnslawyers.com to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   Validating the certificate name.
  The certificate name was validated successfully.
   Additional Details
  Host name mail.bnslawyers.com was found in the Certificate Subject Common name.
 
 Testing the certificate date to confirm the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  The certificate is valid. NotBefore = 3/12/2011 7:25:00 PM, NotAfter = 3/12/2016 7:25:00 PM
 
 
 
 Checking the IIS configuration for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates isn't configured.
 
 Testing HTTP Authentication Methods for URL https://mail.bnslawyers.com/Microsoft-Server-Activesync/.
  The HTTP authentication methods are correct.
   Additional Details
  ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
 
 An ActiveSync session is being attempted with the server.
  Errors were encountered while testing the Exchange ActiveSync session.
   Test Steps
   Attempting to send the OPTIONS command to the server.
  Testing of the OPTIONS command failed. For more information, see Additional Details.
   Additional Details
  A Web exception occurred because an HTTP 401 - Unauthorized response was received from Unknown.
 
 
 
 
 
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 35117353
Okay - that is good progress.

The 401 errors are usually caused by incorrect username, password or IP address restrictions on the virtual directories mentioned in my article:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html
0
 

Author Closing Comment

by:captjcret
ID: 35117621
Awesome job and a great article!!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35117722
Thanks - glad it was helpful : )

Alan
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question