Wow so far this is impressive. It is pushing in a timely manner and I do not see issues on performance. It is draining the heck out of the phone battery though!
On Tue, Sep 23, 2008 at 3:05 PM, mqcarp <[EMAIL PROTECTED]> wrote: > I think I have it. I do note that the server setting is very misleading. I > ended up using the direct server address ie mail.domain.com instead of the > direct OMA address like many documents online suggest ie > mail.domain.com/oma > > I never could get it to work manually configuring the device, but did get > it to work with the config utility (I use the web version). I think that > portion is due to the certificate validation being included in the config. > > That said so far only portions of the contacts, no calendar, and only > folder structure is coming across at this point. At least we are getting > somewhere! > > > On Tue, Sep 23, 2008 at 1:44 PM, mqcarp <[EMAIL PROTECTED]> wrote: > >> Thank you for sharing Sherry. I still have a few quirks going on so I will >> keep testing. A dumb mistake was not including the domain name ahead of the >> user name! I have a feeling this may not suit our CEO either, as I keep >> reading about some limitations. Will see. >> >> On Tue, Sep 23, 2008 at 11:58 AM, Sherry Abercrombie <[EMAIL >> PROTECTED]>wrote: >> >>> >>> http://www.techsack.com/2008/08/19/getting-your-iphone-to-work-with-exchange-active-sync-ssl-certificate/ >>> >>> On 9/23/08, mqcarp <[EMAIL PROTECTED]> wrote: >>>> >>>> Interesting, well OMA works fine now both internally and externally, >>>> however ActiveSync will not. This is on an iPhone. Still reviewing >>>> >>>> On Tue, Sep 23, 2008 at 10:53 AM, mqcarp <[EMAIL PROTECTED]> wrote: >>>> >>>>> I got it worked out but it is excruciatingly slow. Very odd. I will >>>>> have to look at this. Thanks all >>>>> >>>>> >>>>> On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith < >>>>> [EMAIL PROTECTED]> wrote: >>>>> >>>>>> I did this the first time, long ago and far away. It's just part of >>>>>> the process now…here were my comments the first time I had to do it: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx >>>>>> >>>>>> >>>>>> >>>>>> Regards, >>>>>> >>>>>> >>>>>> >>>>>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP >>>>>> >>>>>> My blog: http://TheEssentialExchange.com/blogs/michael >>>>>> >>>>>> Link with me at: http://www.linkedin.com/in/theessentialexchange >>>>>> >>>>>> >>>>>> >>>>>> *From:* mqcarp [mailto:[EMAIL PROTECTED] >>>>>> *Sent:* Tuesday, September 23, 2008 8:48 AM >>>>>> >>>>>> *To:* MS-Exchange Admin Issues >>>>>> *Subject:* Re: ActiveSync Set Up Veterans >>>>>> >>>>>> >>>>>> >>>>>> Do you happen to use a front end Exchange server? We do not, and have >>>>>> come across a problem. In reading about the solution on MS site, this >>>>>> seems >>>>>> odd and insecure. Has anyone had to implement this fix? >>>>>> >>>>>> http://support.microsoft.com/kb/817379/EN-US/ >>>>>> >>>>>> >>>>>> On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie < >>>>>> [EMAIL PROTECTED]> wrote: >>>>>> >>>>>> I have ISA in my environment, but it is not a part of the >>>>>> OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is >>>>>> used >>>>>> for both OWA and ActiveSync. >>>>>> >>>>>> >>>>>> >>>>>> On 9/22/08, *mqcarp* <[EMAIL PROTECTED]> wrote: >>>>>> >>>>>> Sherry are you using ISA in your environment? >>>>>> >>>>>> >>>>>> >>>>>> On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith < >>>>>> [EMAIL PROTECTED]> wrote: >>>>>> >>>>>> The below was current as of the release of Exchange Server 2003 sp2. >>>>>> Not sure if the attribute has additional documented values in Exchange >>>>>> 2007. >>>>>> >>>>>> >>>>>> >>>>>> You can also make the change globally easily using PowerShell or a >>>>>> tool like ADModify.Net. >>>>>> >>>>>> >>>>>> >>>>>> The final Exchange specific tab is Exchange Features, shown in Figure >>>>>> 9-9. The Mobile Services entries allow you to control, on a per-user >>>>>> basis, >>>>>> the mobile capabilities of Exchange. If you, by default, enable mobile >>>>>> services at the global level (Global Settings(R)Mobile Services(R) >>>>>> Properties(R)General) then this window allows you to disable the >>>>>> capabilities at the per-user level. Using the script made available in >>>>>> Microsoft KB 830188 (How to grant permission to use Outlook Mobile >>>>>> Access to >>>>>> specific users of Exchange Server 2003), you can globally disable all >>>>>> users >>>>>> and then pick and choose which specific users are to be allowed access to >>>>>> mobile service capabilities. >>>>>> >>>>>> >>>>>> >>>>>> The per-user AD attribute that controls these functions is named >>>>>> msExchOmaAdminWirelessEnable. If this attribute has a value of zero or >>>>>> the >>>>>> attribute is not present, then all mobile services are enabled. If >>>>>> Outlook >>>>>> Mobile Access (OMA) is disabled, but the other two features are enabled, >>>>>> then the attribute has a value of two (2). The other two items control >>>>>> specific features associated with Exchange ActiveSync (EAS). "User >>>>>> Initiated Synchronization" must be enabled for Up-to-date Notifications >>>>>> to >>>>>> be enabled; however Up-to-date Notifications may be disabled on its own. >>>>>> If >>>>>> only Up-to-date Notifications is disabled, then >>>>>> msExchOmaAdminWirelessEnable >>>>>> has a value of one (1). If both User Initiated Synchronization and >>>>>> Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable >>>>>> has >>>>>> a value of five (5). If all three Mobile Services are disabled, then >>>>>> msExchOmaAdminWirelessEnable has a value of seven (7). >>>>>> >>>>>> >>>>>> >>>>>> If you search the Internet, you will find that other values can be >>>>>> specified for this attribute. However, the values described in the prior >>>>>> paragraph are the only values which Microsoft has documented. You are >>>>>> better >>>>>> off only using these values. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Regards, >>>>>> >>>>>> >>>>>> >>>>>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP >>>>>> >>>>>> My blog: http://TheEssentialExchange.com/blogs/michael >>>>>> >>>>>> Link with me at: http://www.linkedin.com/in/theessentialexchange >>>>>> >>>>>> >>>>>> >>>>>> *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] >>>>>> *Sent:* Monday, September 22, 2008 12:55 PM >>>>>> *To:* MS-Exchange Admin Issues >>>>>> *Subject:* Re: ActiveSync Set Up Veterans >>>>>> >>>>>> >>>>>> >>>>>> The Exchange Features tab in AD for each account is the place to >>>>>> enable or disable additional Exchange features such as mobile and OWA. >>>>>> All >>>>>> these features are enabled by default and you will have to disable them. >>>>>> When we recently went through the process to setup OWA and ActiveSync, I >>>>>> had >>>>>> to manually disable everyone except those that had the proper approval >>>>>> for >>>>>> mobile and/or OWA. Check with your HR department because there are legal >>>>>> things to consider with employees checking or receiving email during >>>>>> non-business hours. >>>>>> >>>>>> In your IIS settings for ActiveSync you can set it to require SSL and >>>>>> I wouldn't recommend setting it up any other way. No SSL means that >>>>>> you're >>>>>> network credentials are being sent clear text.......very bad idea. >>>>>> >>>>>> Haven't had need to do any looking at logging for auditing at this >>>>>> point so I can't address that. >>>>>> >>>>>> On 9/22/08, *mqcarp* <[EMAIL PROTECTED]> wrote: >>>>>> >>>>>> Just have a few questions if some of you are using this feature. It >>>>>> seems frighteningly easy to set up on the server side and I want to >>>>>> ensure >>>>>> that the settings are secure. Here are a few observations for you vets on >>>>>> this: >>>>>> >>>>>> * The settings are activated for ALL users when it is enabled. Is it >>>>>> possible to disable it by default and enable specific users in AD? >>>>>> * Is there a log setting to enable for reviewing audit processes for >>>>>> pushes and troubleshooting in Exchange? >>>>>> * For iPhones, I have noticed that the config utility can require a >>>>>> certificate for the server side push set up, but if you set up a device >>>>>> manually, it will accept the connection without this validation. Can >>>>>> this be >>>>>> set to be required to avoid connections this way? >>>>>> >>>>>> This is on Exch 2003. >>>>>> >>>>>> TIA >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Sherry Abercrombie >>>>>> >>>>>> "Any sufficiently advanced technology is indistinguishable from >>>>>> magic." >>>>>> Arthur C. Clarke >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Sherry Abercrombie >>>>>> >>>>>> "Any sufficiently advanced technology is indistinguishable from >>>>>> magic." >>>>>> Arthur C. Clarke >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> >>> >>> >>> >>> -- >>> Sherry Abercrombie >>> >>> "Any sufficiently advanced technology is indistinguishable from magic." >>> Arthur C. Clarke >>> >>> >>> >> >> >> > > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
