Grrr, I'm getting a little frustrated, well a lot frustrated. We've just recently gone the route of setting up OWA and now I'm working on ActiveSync. We have an Apache server that is setup with a reverse proxy to do OWA, and it works flawlessly. Attempting to do the same thing with ActiveSync, and it's not working. I go between getting an 0x85010014 error code on the device to it prompting me to "Please correct your Exchange Server password." on the device over and over again. It just depends on what settings I have in IIS, I've broken OWA a few times in this and fixed it, but I don't know what it is I'm missing.
Exchange 2003 sp2, IIS6, and some windows device that my manager had laying around that we've put a sim card in. ISA is out of the loop since we're doing a reverse proxy from an Apache server, and we've had to install a root cert from our colo facility on the device. My apache guy says we don't need the cert on the exchange server because we're doing the reverse proxy. I've got the active sync virtual directory set to ignore client certs, it's also set for no anonymouse access, and Integrated Windows authentication. What else do I need to look at in IIS? What other settings on what other directories do I need to make? Yes, I've been googling and searching for answers since yesterday afternoon and not making any progress. Oh, I get the 10014 error code when I set the active sync virtual directory to have both integrated & basic authentication, or to just basic authentication. Thanks all On 7/16/08, Clayton Doige <[EMAIL PROTECTED]> wrote: > > Sorry to ask what could be a dumb question, but your verisign cert, you > have installed it back into your computer's personal certificate store etc > etc? As it's verisign as long as the FQDN on the cert matches the FQDN on > the iPhone's exchange server address you should be OK. > > 2008/7/16 Dennis Rogov <[EMAIL PROTECTED]>: > >> The cert was deployed by VeriSign. Is there a way to install the >> certificate directly on the machine? >> >> >> Dr >> >> Dennis Rogov >> Senior Network Analyst >> THE Peer GROUP an informed medical communications company >> >> 379 thornall street, 12th floor | edison, nj 08837 usa >> >> Direct: 732-205-8376 | fax: 732.321.0636 |Cell:732.861.2277 >> >> [EMAIL PROTECTED] www.peergroupinc.com >> [This e-mail and any attachments thereto, is intended only for use by >> the addressee(s) named herein and may contain legally privileged and/or >> confidential information. No confidentiality or privilege is waived or >> lost by any mistransmission. If you are not the intended recipient of >> this e-mail, you are hereby notified any dissemination, distribution or >> copying of this email, and any attachments thereto, is strictly >> prohibited. If you receive this email in error please immediately notify >> me at (732) 205-8376 and permanently delete the original copy and any >> copy of any e-mail, and any printout thereof. ] >> >> >> >> >> -----Original Message----- >> From: Clayton Doige [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 16, 2008 10:20 AM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> Is the cert trusted? In other words did you generate a cert request, >> send it off to your cert provider, etc etc etc. If you made the cert >> yourself the iPhone won't let you connect unless you install the cert up >> on the iPhone as well which I don't know how to do. HTH somewhat >> >> -----Original Message----- >> From: Dennis Rogov [mailto:[EMAIL PROTECTED] >> Sent: 16 July 2008 14:47 >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> I don't have a front end server I just have one exchange I do have an >> SSL for my OWA it's assigned by version. >> >> Dr >> >> >> Dennis Rogov >> Senior Network Analyst >> THE Peer GROUP an informed medical communications company >> >> 379 thornall street, 12th floor | edison, nj 08837 usa >> >> Direct: 732-205-8376 | fax: 732.321.0636 |Cell:732.861.2277 >> >> [EMAIL PROTECTED] www.peergroupinc.com >> [This e-mail and any attachments thereto, is intended only for use by >> the addressee(s) named herein and may contain legally privileged and/or >> confidential information. No confidentiality or privilege is waived or >> lost by any mistransmission. If you are not the intended recipient of >> this e-mail, you are hereby notified any dissemination, distribution or >> copying of this email, and any attachments thereto, is strictly >> prohibited. If you receive this email in error please immediately notify >> me at (732) 205-8376 and permanently delete the original copy and any >> copy of any e-mail, and any printout thereof. ] >> >> >> >> >> -----Original Message----- >> From: Martin Blackstone [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 16, 2008 9:35 AM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> Do you have a front end server? >> Do you have an SSL cert installed? If so, who is the provider of it? >> >> -----Original Message----- >> From: Dennis Rogov [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 16, 2008 6:31 AM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> Good Morning I am still struggling to activity the IPhone >> >> From the documentation it tells me that I need to have a certificate >> >> "* On the Front-End Server, verify that a server certificate is >> installed and enable SSL for the Exchange ActiveSync virtual directory >> (require basic SSL authentication" >> >> I am somewhat confused whats being asked on the above statement. >> >> Dr >> >> >> Dennis Rogov >> Senior Network Analyst >> THE Peer GROUP an informed medical communications company >> >> 379 thornall street, 12th floor | edison, nj 08837 usa >> >> Direct: 732-205-8376 | fax: 732.321.0636 |Cell:732.861.2277 >> >> [EMAIL PROTECTED] www.peergroupinc.com >> [This e-mail and any attachments thereto, is intended only for use by >> the addressee(s) named herein and may contain legally privileged and/or >> confidential information. No confidentiality or privilege is waived or >> lost by any mistransmission. If you are not the intended recipient of >> this e-mail, you are hereby notified any dissemination, distribution or >> copying of this email, and any attachments thereto, is strictly >> prohibited. If you receive this email in error please immediately notify >> me at (732) 205-8376 and permanently delete the original copy and any >> copy of any e-mail, and any printout thereof. ] >> >> >> >> >> -----Original Message----- >> From: Dennis Rogov [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, July 15, 2008 2:58 PM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> Do you need to have a cert dedicated for the Iphone to work? >> >> Dennis Rogov >> Senior Network Analyst >> THE Peer GROUP an informed medical communications company >> >> 379 thornall street, 12th floor | edison, nj 08837 usa >> >> Direct: 732-205-8376 | fax: 732.321.0636 |Cell:732.861.2277 >> >> [EMAIL PROTECTED] www.peergroupinc.com >> [This e-mail and any attachments thereto, is intended only for use by >> the addressee(s) named herein and may contain legally privileged and/or >> confidential information. No confidentiality or privilege is waived or >> lost by any mistransmission. If you are not the intended recipient of >> this e-mail, you are hereby notified any dissemination, distribution or >> copying of this email, and any attachments thereto, is strictly >> prohibited. If you receive this email in error please immediately notify >> me at (732) 205-8376 and permanently delete the original copy and any >> copy of any e-mail, and any printout thereof. ] >> >> >> >> >> -----Original Message----- >> From: Senter, John [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, July 15, 2008 2:18 PM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPhone >> >> Looks like the Verify the Certificate is given if the cert does not >> have the autodiscover host. >> >> -----Original Message----- >> From: Sobey, Richard A [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, July 15, 2008 5:08 AM >> To: MS-Exchange Admin Issues >> Subject: RE: Ok it's starting BB to iPone >> >> We use a Verisign cert and the iPhone (3G) still couldn't "..Verify the >> certificate". Pressed OK and it all worked, but I'm a bit dubious about >> it. >> >> -----Original Message----- >> From: James Wells [mailto:[EMAIL PROTECTED] >> Sent: 14 July 2008 17:13 >> To: MS-Exchange Admin Issues >> Subject: Re: Ok it's starting BB to iPone >> >> That's a pretty good question...and WM5/6 devices have the same issue. >> >> There is actually an 'iPhone Configuration Utility' that you can use >> to locally provision settings/lock down an iPhone with for Enterprise >> use. One of the tabs lets you install your own certs, in case you use >> internal PKI for the OWA/EAS SSL. >> >> But if you use something from a large cert house (Thawte, Verisign, >> etc). you should be safe. >> >> >> --James >> >> On Mon, Jul 14, 2008 at 10:46 AM, Sam Cayze <[EMAIL PROTECTED]> >> wrote: >> > I wonder what type of SSL certs they accept. Each device has a >> > different list of SSL CAs, right? >> > >> > -----Original Message----- >> > From: James Wells [mailto:[EMAIL PROTECTED] >> > Sent: Monday, July 14, 2008 10:42 AM >> > To: MS-Exchange Admin Issues >> > Subject: Re: Ok it's starting BB to iPone >> > >> > A big part of the iPhone 2.0 is licensing of the Exchange Activesync >> > software from Microsoft. >> > >> > It will allow password policies, remote wipe, etc. Email and Calendar >> > should work flawlessly. I'll know for sure once we get some demos in >> > this week (but from checking the HTTP-agents in our logs, I can see >> > that a few people already have theirs and are working). Whether this >> > is good or bad -- the Exchange copy will overwrite the local email and >> > calendar on the device (only one "profile", I guess). >> > >> > The only requirement from an Exchange perspective is to have OWA >> > servers exposed to the internet for HTTPS. If everything else is set >> > to default, Exchange Activesync will work just fine. The only rare >> > exception would be a firewall that wants to block unusual looking HTTP >> > verbs. >> > >> > >> > --James >> > >> > On Mon, Jul 14, 2008 at 9:52 AM, Clayton Doige >> <[EMAIL PROTECTED]> >> > wrote: >> >> I don't think iPhones do Active Sync do they? I thought you had to do >> > IMAP? >> >> >> >> 2008/7/14 Stefan Jafs <[EMAIL PROTECTED]>: >> >>> >> >>> I have 1 users asking what happens if he replaces his BB with an >> > iPhone? >> >>> >> >>> I'm on the BES server and I assume I delete him on the BES server >> but >> > what >> >>> do I need to do on the E2K3? >> >>> >> >>> Simply turn on Active Sync? >> >>> >> >>> __________________________________________________ >> >>> Stefan Jafs >> >>> >> >>> >> >>> >> >>> This email and any attached files are confidential and intended >> > solely for >> >>> the intended recipient(s). If you are not the named recipient you >> > should not >> >>> read, distribute, copy or alter this email. Any views or opinions >> > expressed >> >>> in this email are those of the author and do not represent those of >> > Amico >> >>> Corporation . Warning: Although precautions have been taken to make >> > sure no >> >>> viruses are present in this email, the company cannot accept >> > responsibility >> >>> for any loss or damage that arise from the use of this email or >> > attachments. >> >>> >> >>> >> >> >> >> >> >> -- >> >> Regards, >> >> >> >> Clayton >> >> [EMAIL PROTECTED] >> >> http://alsipius.com >> >> >> >> >> > >> > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> > ~ http://www.sunbeltsoftware.com/Ninja ~ >> > >> > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> > ~ http://www.sunbeltsoftware.com/Ninja ~ >> > >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> > > > > -- > Regards, > > Clayton > [EMAIL PROTECTED] > http://alsipius.com > > > -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
