Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

can't get exchange 2003 mail account onto iphone or any smartphones except of BBs

Posted on 2011-09-05
26
Medium Priority
?
620 Views
Last Modified: 2012-08-14
Hi

another office i work for, have vmware consol with esva mail server exchange 2003 on sbs2003. i can add users on active directory then i could sync email accounts with their BBs using BIS just fine.

the problem is i cannot configure same email accounts on iphone or htc or samsung smartphones.
i tried with and without ssl, i am sure usernames and passwords are correct and i am also sure of server name.

in another office i work for (different network), Exchange emails work fine on iphones and on s2.

i get error "cannot verify server identity" so i am assuming it's a licence or trusted certificate problem but i don't know where to start, i appreciate all your help.

thank you
0
Comment
Question by:russus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 9
  • 2
26 Comments
 
LVL 9

Expert Comment

by:davealford
ID: 36484218
HAve you forwarded HTTPS (TCP port 443) from your firewall to server?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 36484251
Please have a read through my article about Exchange 2003 / Activesync so that you can check your server configuration and tweak any incorrect settings as necessary:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

Any problems, please let me know.

Alan
0
 

Author Comment

by:russus
ID: 36484453
thank you both, i checked to see if 443 is opened, and it looks like it is. but when i test it using "canyouseeme.org" i get error: i could not see the service on ip address 192.*.*.* (port 443) reason: network is unreachable.



please see attached and let me know what im doing wrong
thank you
443-opened.JPG
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36484480
What Firewall / Router do you have?  Sometime the Remote Management of the router is mapped to the Router itself and you will therefore have to change the default port to something like 444 instead of 443.

That should allow port 443 to be passed through the router.
0
 

Author Comment

by:russus
ID: 36484486
to be honest, it's the first time i connect to this firewall, it is "monowall" and to access it, i put https:\\defaultGatewayIP:48484
0
 

Author Comment

by:russus
ID: 36484494
so you're saying to open port 444 and forward it to the mail server exactly same to 443?
0
 

Author Comment

by:russus
ID: 36484546
i tested port 25 and 80 and i get same error with network unreachable! how can it be? i still receive emails on 25
0
 
LVL 9

Expert Comment

by:davealford
ID: 36484590
Check the TCP port 443 rule in the monowall configuration and confirm it is forwarding to the correct internal IP address
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36485228
Don't open & forward port 444 - Activesync can't use ports other than 80 / 443.

Sounds like a firewall issue / firewall configuration issue if the port isn't testing as open.  Not heard of a monowall before!!
0
 

Author Comment

by:russus
ID: 36487033
dave i could see a rule that forwards anything that comes through port 443 to the ip address of the mail server
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36487190
Let's ignore the firewall for now - in case it is working and in stealth mode or similar.

Please read my article, visit the test site at https://testexchangeconnectivity.com, run the Exchange Activesync test (DO NOT RUN ANYTHING WITH AUTODISCOVER) and then post the results.

You can obscure your domain name / IP Address (or I can for you).

Alan
0
 

Author Comment

by:russus
ID: 36487454
Alan i read your article, i started with the points and got stuck with testing port 443. i'll run the test and post results shortly. thanks
0
 

Author Comment

by:russus
ID: 36487485
Alan pls find connectivity test attached
connectivity-test.JPG
0
 

Author Comment

by:russus
ID: 36487489
Please remove any sensitive data if i've forgotten something. thank you
0
 

Author Comment

by:russus
ID: 36487871
any follow up? i don't know much about certificates in fact this is maybe the first time i had to deal with this. it says on the image attached "validating certificate name failed" then i went in "tell me more how to resolve" but couldnt find much or didn't know what to look for.

all your help is appreciated. thank you
0
 

Author Comment

by:russus
ID: 36487990
hey alan, in your article, in
Exchange 2003 (Part of Small Business Server):

Microsoft-Server-Activesync Virtual Directory
•      Authentication = Basic
•      Default Domain = NETBIOS domain name - e.g., yourcompany*
•      Realm = NETBIOS name
•      IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

Realm=netbios name (i keep this blank or i add "yourcompany" ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488073
Realm isn't vital - MS keep it blank and the Domain as "\" - but I have fixed issues by adding the Domain in as the internal NETBIOS name.

Try \ and blank and see how you get on.

As you have SBS - you can use my article to generate your own SSL cert using the correct name.

Run through the Connect to the Internet Wizard, change nothing until you get to the Cert part and create a new one for mail.domain.com (I will edit your image above later on).

Once done - re-check your IIS Settings as the Wizard usually adjusts some, then test again.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488122
FYI - I'm travelling about today, so replies may be slow in coming.  Replacing a couple of routers for a customer at their Office / Home and setting up a site-to-site VPN.

My article should walk you through most of what you need.
0
 

Author Comment

by:russus
ID: 36488173
thanks Alan just got to the SSL Certification bit, i'll let you know how it goes.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488178
No probs - I'm moving location again soon.
0
 

Author Comment

by:russus
ID: 36488237
Alan i got to "create web server certificate" and it is at the moment "mydomain.com" so i'll need to change that to "mail.mydomain.com" ?
pls note we access owa using "https:\\mail.mydomain.com\exchange". is changing it will affect BB users? also note BB users don't have this problem
thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488244
Yes - change that to mail.domain.com - which should make OWA users happier as they won't get an SSL cert error every time.

BB users should be fine.
0
 

Author Closing Comment

by:russus
ID: 36489082
read through article and followed instructions. the solution that worked for me was recreating ssl certificate that mached my "mail.domain.com".

Alan thank you so much for your help
0
 

Author Comment

by:russus
ID: 36489106
thank you v much Alan, changing certificate to match my "mail.domain.com" did it for me. cheers
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36490620
Great news - glad that you are working and that my article worked for you.

Don't forget to vote for it too :)

Best wishes

Alan
0

Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question