Solved

Active sync to mobile phones stopped working

Posted on 2013-11-18
6
339 Views
Last Modified: 2013-11-20
We moved a 2003 exchange email server to another location and changed the mx records to point to the new location.  The email and web email all are working.  I am getting a certificate error on the website and the mobile devices, however that does not seem to be the problem. The mobile phone seem connect to the exchange server and send back a message that the certificate has a problem. The name of the site does not match the name of the certificate. I say continue and then get unable to connect to server.
I go into iis Microsoft-server-activesync and when a change anything authentication methods I get different errors (this tells me that my phone is getting to the server).  The settings I have now in directory security and the authentication access control are basic authentication checked.
0
Comment
Question by:DaveGerke
  • 3
  • 3
6 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39657927
If you are getting SSL errors then that is the problem - ActiveSync is very sensitive to SSL problems on most devices.
Is it a trusted SSL certificate? If not it should be. Have the host names involved changed?
If you browse from a desktop to the host name that you are using, do you get the SSL prompt? If so, look at the SSL certificate. Is it the correct one?

Simon.
0
 

Author Comment

by:DaveGerke
ID: 39657957
We had ssl errors before I moved servers and webmail works with the DSL error. I have punted working on this and have paid Microsoft $300 to fix. Have been on phone for two hours
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39657963
Webmail will work with SSL errors, activesync cannot cope with the certificate prompts.
A trusted SSL certificate is $10, would save a lot of the hassles.

Simon.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Author Comment

by:DaveGerke
ID: 39659550
Simon,
I was just going to use the built in certificates from exchange on the server.  I pay about $200 a year for SSL certs for other websites we have. Where can I get a $10 SSL cert.  Do I need to buy the cert for my website email address webmail.caregrp.com/exchange or my exchange server ZEUS?  Not sure how to install this and will need to do some reading.  Thanks for the help.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39664178
There is no need to pay $200 for a certificate.
You can get certificates for $10 from GoDaddy, which are trusted by most mobile devices. If you don't want the GoDaddy name on the certificate then find a reseller account - they use the same certificates just without the GoDaddy name.

On Exchange 2007 and higher the self signed certificates are not supported for use with ActiveSync.

Simon.
0
 

Author Closing Comment

by:DaveGerke
ID: 39664201
This was helpful and I had Microsoft fix the problem that had to do with a internal IP number in my IIS owa granted access list. I just missed it when I moved the servers.  I was asking if the $10 certificate was a year term. I can find that all out by just visiting the site for go daddy or geotrust who I use now. I'm not sure why I am paying so much I will research.  I did not realize all SSL certificates were the same.  This was really a side conversation on my problem and I will give the points to this item which I need to address anyways to have a cleaner system.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question