Exchange Server 2003 - Accessing from Cell Phones

  I have an Exchange Server 2003. Web Outlook via SSL works just great and there is a valid cert. I have tried setting up three different phone to access this Exchange Server. All three phones ask pretty much the same settings:

domain\username
password

server

use secure connection (SSL)

Debug is a killer because the phones don't give you much in the way of error detail. I have to have someting right because in playing with the username/password the phone will at least tell me something is wrong with either the username or password if I don't have it right.

I think the problem I am having is either in refering to the "server" or some setting in the Exchange Server itself. The OWA address is https://mail.domain.com/exchange but the phone has a problem connecting to te server. Do I need to change something on the server?

This has to be doable. I am missing something....
LVL 11
jimbecherAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

naomelixesCTOCommented:
What phones are you configuring? Nokia? Blackberry? Android?
When you mention the"server" setting do you mean just the FQDN (mail.domain.com) or the OWA URL?
0
jimbecherAuthor Commented:
The current one is a Verizon Droid but the setup on the LG and Vergin moble is identical. The "server" setting is on the phone. As a rule the server setting is the url for OWA. http://mail.domain.com/exchange but using that results in "cannot connect to server" on the phone.

I have to be close because when I add an s to my username the phone comes back and says it is a username/password error. That would lead me to believe that it is contacting the server and authenticating.

 
0
KevinTHayashiCommented:
When putting in the server, its just the server name.  In the example that  you gave, it should be mail.domain.com and not "http://" or ending with "exchange"

Username should not be prefaced with the Domain Name either.. so for the Droid phone, email sync should look like:

Username: jsmith
Password: thierpasswordhere

Email: jsmith@domain.com
Server: mail.domain.com
Account Name: WhateverYouWant

Check "Use Secure Connection"
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

jimbecherAuthor Commented:
  This is a killer. Everything looks so straight forward but it just can't connect to the server. The setup on all three phones is identical. In the "e-mail" app is first asks for your e-mail address and password. Then you click on "manual" to select the type of e-mail. Select "Exchange" then 4 simple questions:

1) Domain\Username
2) Password
3) Server
4) Use SSL

Clicking "next" at that point generates a "unable to connect to server" error. As mentioned above it is doing some kind of connecting because if I change one letter in my username it comes back with a "incorrect userbame or password" error.  

I have port forwarded ports 443, 25 and 110 on the router to the Exchange Server, OWA works just fine. I would think it is something I am missing on the Exchange Server I just don't know what. Is it trying to use ActiveSync or something?
0
KevinTHayashiCommented:
1.) Do you have ActiveSync phones that have successfully connected?
2.) Are you using Forms-Based Authentication on OWA?
3.) Are you using a public or privately generated certificate?
0
Alan HardistyCo-OwnerCommented:
Please have a read of my article and check your IIS settings, then once checked, run the test on the test site, if you get errors, fix them from the relevant section in my article and then hopefully you will be syncing in no time.

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

Alan
0
jimbecherAuthor Commented:
All good questions:

1) No ActiveSync phones but I just downloaded and ran AccessMyLan's ActiveSync tester which asks the same thing the phones ask and it passed SSL, mailbox and all

2) I was using Form-Based OWA but have turned it off for testing purposes

3) It is a Public Cert issued by GoDaddy

I am going nuts!
0
Alan HardistyCo-OwnerCommented:
Read my article please.
0
jimbecherAuthor Commented:
  It was an interesting article. The one thing I missed (and didn't bother to look at because I was sure all my servers were updated) was Exchange SP2. It was not installed. After installing SP2 both phones I have been working with now come back with a different error.

"The server requires security features your phone does not support". Can't find anything about this error. Getting closer but still not there...
0
Alan HardistyCo-OwnerCommented:
What sort of phone do you have?
0
jimbecherAuthor Commented:
  One is a Verizon Droid and the other is a LG Droid. In Googling it it appears to be a problem with the phone not recognizing the cert that a phone update will fix. They also say there is a way to turn off that security feature on the Exchange Server but no one has said how :)  
0
Alan HardistyCo-OwnerCommented:
Is your cert a self-issued cert or a 3rd party cert?
0
Alan HardistyCo-OwnerCommented:
Please also run the test on the test site, specify manual server settings, run the test and post the results.

Thanks

Alan
0
jimbecherAuthor Commented:
  It is a thiry party cert from GoDaddy. As mentioned above I downloaded a ActiveSync Tester from AccessMyLan and it passes SSL and all with flying colors. What test are you talking about and on what test site?
0
Alan HardistyCo-OwnerCommented:
The https://testexchangeconnectivity.com site - top test.

The Godaddy cert should be fine - that's one reason you won't catch me buying a Droid - they are a pain to get working!!
0
jimbecherAuthor Commented:
  I am going to have to say the test passed but take a look at the attached file. I am going to have to agree. The problem seems to be in the Anderoid OS and the droid.
Microsoft-Exchange-Server-Remote.pdf
0
Alan HardistyCo-OwnerCommented:
Okay - that test is not passing. The 403 error section of my article will advise you to follow KB817379.  Please read that section of my article and follow the advice.

Once done - retest and post the results please.
0
jimbecherAuthor Commented:
  I am getting a shade confused. THis is a SBS 2003 server and there is already a exchange-oma virtual directory. According to the docs it has to be named exchange-oma on a SBS 2003 server so I can't really create a secondary one.

   When this whole thing started earlier today Forms were enabled and had been for years. I simply disabled forms for testing.

    Based on the above what do I do about creating a secondary Exchange virtual directory?
0
Alan HardistyCo-OwnerCommented:
Does the registry key mentioned in kb817379 exist?

Is SSL enabled on the exchange-oma virtual directory (it shouldn't be)?
0
jimbecherAuthor Commented:
  Sorry. I had to reboot the server and it didn't come back. Anyway...

The registry entry is exactly like it should be in KB817379 and SSL is not checked on the exchange-oma virtual directory.

Still getting:
An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: <body><h2>HTTP/1.1 403 Forbidden</h2></body>
 
0
jimbecherAuthor Commented:
When I do connect I get an error in the application log on the server:

Event ID 3005
Unexpected Exchange mailbox Server error: Server: [pdc.mthm.local] User: [JimBecher@mthm.local] HTTP status code: [409]. Verify that the Exchange mailbox Server is working correctly.

0
Alan HardistyCo-OwnerCommented:
Most of the time those errors can be ignored.

Please re-run the Connect to the Internet Wizard - change nothing and complete the wizard, then test on the test site again please and post the results.

Thanks

Alan
0
jimbecherAuthor Commented:
  Hi Alan. I did as you asked. The one thing I noticed the Connect to the Internet Wizard did was re-enable Forms on OWA. The is one thing I have been a little confused on. Do I want form or do I not? I noticed on another thread you participated in here  that there seems to be more than one place to change the use Forms option. I have always been doing it via System Manager and the HTTP protocol.

   No change in the error:  An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: <body><h2>HTTP/1.1 403 Forbidden</h2></body>
 
 
 
 
 
 


0
Alan HardistyCo-OwnerCommented:
With SBS - FBA is always enabled by default.  It is fine to leave it one and as it is SBS - you should leave it enabled.

Do you get the same error for different users / passwords?
0
jimbecherAuthor Commented:
Unfortunately yes. They have only 10 users. I have tested half the accounts and the all get the same error.
0
Alan HardistyCo-OwnerCommented:
Can you follow the other options in my article for the 403 errors please.  Primarily, run a repair, defrag and integrity check on the database, but also check the other options too.

Thanks

Alan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jimbecherAuthor Commented:
  Hi Alan. I did all the other options in your article for the 403 errors earlier. I was just about to give up when I started focusing on the Event ID 3005 with the http error 409 in the application log.

I came across this article:
http://rahuldpatel.wordpress.com/2011/03/15/activesync-error-from-application-log-event-id-3005-status-code-409/

I was a little groggy from working on this for two days but I have a feeling it was the:
3.Right-click Exchange-OMA, and then follow these steps:
1.Verify the following settings on the Virtual Directory tab:
–> The following check boxes are selected:
–> Script source access
–> Read
–> Write
–> Directory browsing
–> Log visits
–> Index this resource

that did the trick. I think only the read and directory browsing were check. I think the Script Source Access and/or the Write did the trick. My phone actually synced! Since you seem to be the resident genius for the Active Sync issues I wanted to pass this along. Your help was invaluable! Thanks a million!
0
Alan HardistyCo-OwnerCommented:
Thanks for the update (and the points).

Those settings are referenced in http://support.microsoft.com/kb/937635 which is linked to in the "Application Event Log 3005 Errors:" error section of my article.

Glad you are working now

Alan
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Outlook

From novice to tech pro — start learning today.