[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

cannot connect mobile phone to windows 2003 sbs/exchange 2003 to pickup emails

Posted on 2014-02-14
14
Medium Priority
?
645 Views
Last Modified: 2014-11-12
hi, I have a few phones that I would like to pickup emails on. we have a windows 2003 sbs running exchange 2003.
I get from the MS test connectivity site

Host name mail.domain.co.uk doesn't match any name found on the server certificate CN=www.domain.co.uk, CN=companyweb, CN=2003SBS, CN=localhost, CN=2003SBS.mydomain.local

windows phone reports
we're having problems connecting to mail.domain.co.uk
error code 80072FA8

we do not use a paid for SSL. And ideally would like to stay away from that on this server.
0
Comment
Question by:total123
  • 5
  • 4
  • 3
  • +2
14 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39858614
You need to install a SSL certificate in order to get this working using active sync, or you can enable IMAP and use IMAP as mail protocol:http://searchexchange.techtarget.com/tip/How-to-set-up-an-SSL-certificate-to-encrypt-OWA-and-ActiveSync-traffic
http://www.petri.co.il/how-to-enable-imap-access-to-exchange-mailboxes.htm
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39858620
Windows Mobile has a huge problem with self signed certificates. It does not like them one bit.
You should switch to a trusted certificate, as this is SBS 2003, you can use a standard single name SSL certificate, which you can pick up for $10/year if you look around.

Saying that though, with SBS 2003, you are going to have a lot of problems with modern ActiveSync devices because of its age. An upgrade of SBS is the only option to get something reliable.

Simon.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39858691
At this stage, it only seems to be complaining that

mail.domain.co.uk

doesn't match any name found on the server certificate

CN=www.domain.co.uk, CN=companyweb, CN=2003SBS, CN=localhost, CN=2003SBS.mydomain.local

It may help to add the name to the certificate (although I've no idea how you would do that - I didn't even know you could have more than one host name for a certificate). Or issue a new one in the name mail.domain.co.uk .

Of course, it might then complain that it doesn't recognise the issuer. But if you really do have a good reason to avoid buying a certificate for this server, it may be worth trying the new certificate name first.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:total123
ID: 39858702
exchange 2003 has never required ssl certs. I've support dozens on exchange 2003 servers with out ever having the cert. but I will except that exchange 2007 upwards does require one.
this is why I don't want to use one on 2003.

thanks for the ideas
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 39858756
Host name mail.domain.co.uk doesn't match any name found on the server certificate CN=www.domain.co.uk, CN=companyweb, CN=2003SBS, CN=localhost, CN=2003SBS.mydomain.local

So when you ran the CEICW to generate a self signed cert, what did you put into the certificate field in the wizard?  And is there a public DNS MX record for that name?
0
 

Author Comment

by:total123
ID: 39858772
CEICW would have been run 6 years ago when it was installed, it's not been run since.

there is a public DNS for mail.domain.co.uk
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 39860637
Then run it far enough to see the cert name and let us know.  You can just step through it and cancel once you see the cert name.
0
 
LVL 31

Accepted Solution

by:
LeeDerbyshire earned 750 total points
ID: 39860807
You're quite right - it doesn't actually require certs. No version of Exchange actually requires them, in the sense that the SSL requirement can still be unchecked in IIS. It's just that SSL being required has become the default setting over the last decade, since people have become more security-conscious. If you're happy to see if your ActiveSync will work without SSL, then see if you can find the Microsoft-Server-ActiveSync VDir in IIS, and uncheck the Require SSL checkbox.
0
 

Author Comment

by:total123
ID: 39867681
hi, sorry for the delay. SSL cert unchecked doesn't work
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39869984
Have you tried configuring the device to not use SSL? If the device is still configured to use SSL (either because the server address starts with https, or there is a 'use secure channel' checkbox somewhere in the config pages), then it will still try to use SSL even if it's not required at the server end.
0
 

Author Comment

by:total123
ID: 39870011
would the microsoft active sync test not work with exchange any more maybe ?


as the webmail access is

http://mail.mydomain.co.uk/exchange
rather than /owa
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39872951
You don't enter the OWA URL when configuring ActiveSync - just the basic server address. A/S doesn't have anything to do with OWA - it has its own directory https://mail.domain.com/Microsoft-Server-ActiveSync . Although you are never required to actually enter it in that full form.
0
 

Author Comment

by:total123
ID: 39876098
it seems that my android phones works when ssl is unticked, but ssl ticked doesn't work.
which would be fine if the blackberry device allowed me to untick ssl.
0
 
LVL 22

Assisted Solution

by:Larry Struckmeyer MVP
Larry Struckmeyer MVP earned 750 total points
ID: 39876537
You can purchase a ssl cert from www.ssls.com for 4.95 per year.  It has to be ordered from IIS, not the SBS wizard, and then exported from IIS and imported in the wizard, but it works.  For a higher price you can use enom or Go Daddy or others of your choice.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
The Exchange database may sometimes fail to mount owing to various technical reasons. A dismounted EDB file can be the source of many Exchange errors including mailbox inaccessibility for users. Resolving the root cause of mounting problems becomes …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…
Suggested Courses
Course of the Month10 days, 4 hours left to enroll

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question