Solved

How can I enable our Exchange server to allow Droid phones to connect

Posted on 2011-09-26
26
307 Views
Last Modified: 2012-05-12
How can I enable our Exchange server to allow Droid phones to connect they currently cannot. We had users with Blackberries and they worked but the droids will not. I can sync the droid to other email servers for other networks but not this one. We have a single 2003 Exchange server nothing special. All the Droid says in cannot connect. I know I have the mail server setting right on the phone. From the server side, what am I missing?
0
Comment
Question by:Axis52401
  • 12
  • 10
  • +3
26 Comments
 
LVL 14

Expert Comment

by:Kaffiend
ID: 36654848
Well, have you seen this guide, or something like it?
http://exchange.sembee.info/2003/activesync/server.asp

Let us know where you are stuck in the process.

Also, really old Droids (Android 1.x) will have a problem, no matter if your configuration is perfect.
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36676813
I checked that site and the steps and when i do a sit says and https://host.example.com/oma (where host.example.com is the name on your SSL certificate). I get the text version on the email account like ti says yet I am still unable to connect via the Droid. I have a 2 Droids I am testing. One is Brand new and the other is about a yea old. On the year old one I can connect to another server with it so I'm sure its not a problem on the phone.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36678287
What version os Windows server are you running?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 22

Expert Comment

by:yo_bee
ID: 36678981
Also do you have a cert for the server?
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36678982
Windows Small Business Server 2003
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36679604
You have OWA setup and are able to connect externally?
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36680311
There is no cert set up but that doesn't stop any of my other clients at other offices from connecting to their 2003 Exchange servers.
The OWA used to work but not that I check I just get a blank page not even an error just a blank white page.
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36683185
The OWA appears to work internally
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36687982
Internal and External are total different monsters.
You need to confirm that OWA even works from an external connection before you go any further.


http://support.microsoft.com/kb/817379
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 36692286
Also, if you have no SSL cert installed, you are not working securely.  This is generally considered unwise.  If you must run this way and can't afford a cheap GoDaddy SSL cert, then you'll have to make sure you are configuring the android NOT to use SSL/ HTTPS when connecting to the server.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36692523
I.Please verify Authentication settings by the following steps.

For Exchange-oma virtual directory:

1. Open IIS Manager

2. Open properties of virtual directory Exchange-oma

3. Select Directory Security tab

4. Select Edit in Authentication and access control box. Make sure the
authentication setting as below:

Authentication Methods

Enabled Basic authentication

Enabled Integrated Windows authentication

Disabled anonymous access

Note:  make use the ssl option is unchedked on driod.
http://support.vzw.com/clc/devices/knowledge_base.html?id=26594

0
 
LVL 5

Expert Comment

by:Swapnil Prajapati
ID: 36707538
Have you tried giving your full OWA link in the server name ?
0
 
LVL 25

Expert Comment

by:RobMobility
ID: 36708379
Hi,

An alternative to Exchange ActiveSync is Good Mobile Enterprise - provides a BES like solution with IT Policy controls, messaging and Secure browser to intranet sites (some platforms).

www.good.com

Regards,


RobMobility.
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36709248
yo_bee:
That link is titled Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003. But we don't require SSL so I don't see how that Applies.

Lee I know its not secure but in other situations it does work. I have other clients with similiar setups and the Droids will connect as long as its unchecked on the phone.

yo_bee: I followed those stops and OWA and the phone still won't connect. Is OWA necessary for the Droid to connect?


Swap I don't know what you mean, On the phone? OWA isn't working anyway
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36711796
OWA and Active Sync use similar channels.

For instance If I have a user in my firm wanted to access the mail from the internet while outside the firm they enter https://Webmail.domain.com
This address is the same address used for EAS.

So in some way they are interconnected.

If you are not able to access your Server external through Port 80 (which is what you are trying to set this up on) then EAS will not work.

You will need to route the public address through the router to the internal exchange server (NAT).

These are some things to keep in mind.

You can test internally to see if it even works, but from that point on you need to figure out how to get the devices to communicate from the outside.

I have attached a flow process to this comment to help draw a picture
EAS-flow.PNG
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36712196
I have routed port 80 on their Sonicwall firewall to the mail server just as it says how to. I don't know if any way of testing that to be sure its open or not
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36712350
Do you have multiple public IP's or just one?
You can always just enter the public address in a browser and see what returns

Also this link
https://www.testexchangeconnectivity.com/ has been posted on various thread in EE and seems to help troubleshoot Exchange connectivity issues.

0
 
LVL 2

Author Comment

by:Axis52401
ID: 36712775
One public IP address I ran that test and got the below. All I can see is its getting an SSL cert from our Sonicwall firewall. I don't know why that is. Is there some way of not using SSL at all?

ExRCA is testing Exchange ActiveSync.
       The Exchange ActiveSync test failed.
       
      Test Steps
       
      Attempting to resolve the host name mail.sfdins.com in DNS.
       The host name resolved successfully.
       
      Additional Details
       IP addresses returned: 207.191.217.231
      Testing TCP port 443 on host mail.sfdins.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.sfdins.com on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US, Issuer: CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.sfdins.com doesn't match any name found on the server certificate CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36713538
I will see if I can put something together with some more detail this evening.
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36713597
Thanks for all your help
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36714030
No Problem!
From what your test results show it looks like the test is trying to communicate over port 443 and not port 80 which is what you are trying to do.

So lets start with the firewall.
So you say you have Port routed to the Exchange server.
I have attached a screenshot of an example that I have setup for a small client.
Does your setup look like this?
 NAT table
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36714185
Sort of we have a Sonicwall and from what i can tell both port 80 and 443 are set to the internal IP address of our Mail server 192.168.10.5. Though from that exchange test it seems like the SSL response is coming from the Sonicwall even though our sonicwall is set to 192.168.10.1.

0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36714207
If you OWA is working you should be able to just enter the ip-address (Public) of your ISP in an browser.
http://ip-address/exchange or http://ip-address/owa.  What do you enter internally after the exchange server name?
0
 
LVL 2

Author Comment

by:Axis52401
ID: 36714238
Internally I can user either http://192.168.10.5/exchange or http://servername/exchange and they both work. Externally I tried both http://publicIP/exchange and http://mxrecorddns/exchange and neither work.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 36714249
do you have any IP exclusions on the IIS ?
0
 
LVL 22

Accepted Solution

by:
yo_bee earned 500 total points
ID: 36714259
Open IIS > Web Sites > Default Web Site > Right click and select properties > Directory Sercurity Tab > IP address and domian name restrictions
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question