I believe it is under Mobile Services, but it is *NOT* Mobile Access. That is a 
different feature, essentially a real stripped down version of OWA

...Tim


> -----Original Message-----
> From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
> Sent: Monday, August 24, 2009 11:57 AM
> To: NT System Admin Issues
> Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> 
> Would that show up as ActiveSync in ADUC, Exchange Features, or is it
> referred to as Outlook Mobile Access under Mobile Services?
> 
> -----Original Message-----
> From: Tim Evans [mailto:tev...@sparling.com]
> Sent: Monday, August 24, 2009 1:49 PM
> To: NT System Admin Issues
> Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> 
> Yes, that would imply that ActiveSync is on the server. But you said
> that the error message said that the user's account was not enabled for
> activesync. You need to make sure that the account is enabled first.
> 
> 
> ...Tim
> 
> 
> > -----Original Message-----
> > From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
> > Sent: Monday, August 24, 2009 11:42 AM
> > To: NT System Admin Issues
> > Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> >
> > > One of my users came in with an iPhone and it just worked with the
> > standard configuration we had for all our WM devices. > At the time,
> we
> > were also using an internal certificate and it just worked.
> >
> > That's right... just twist the knife... :-)
> >
> > > Do you have it working with any WM devices?
> >
> > Just with OWA now.  And as I said, just internally between the WM
> device
> > and the Exchange server.  We want to get that done before we throw the
> > ISA into the mix.
> >
> > In the IIS Manager, there is a virtual directory called
> > Micrsoft-Server-ActiveSync.  So doesn't that indicate that it's there?
> >
> > Yep, running Exchange 2003 SP2.
> >
> > -----Original Message-----
> > From: Tim Evans [mailto:tev...@sparling.com]
> > Sent: Monday, August 24, 2009 1:19 PM
> > To: NT System Admin Issues
> > Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> >
> > One of my users came in with an iPhone and it just worked with the
> > standard configuration we had for all our WM devices. At the time, we
> > were also using an internal certificate and it just worked.
> >
> > Do you have it working with any WM devices?
> > ActiveSync is not OMA or OWA. In Exchange 2007, it is called
> ActiveSync.
> > In Exchange 2003, I think it was called "Always Up to Date" or Push or
> > something like that.
> > Just to confirm, you are on 2003 SP2? You do need SP to get
> ActiveSync.
> >
> >
> > ...Tim
> >
> >
> > > -----Original Message-----
> > > From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
> > > Sent: Monday, August 24, 2009 10:56 AM
> > > To: NT System Admin Issues
> > > Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> > >
> > > We've broken this down into several steps trying to get this to
> work.
> > > We backed away from using the iPhone and used a Windows Mobile
> device
> > to
> > > connect to the Exchange server using our internal wireless network
> > > without SSL and was able to get that to work through OWA, but the
> > > ActiveSync is still not working.  We're getting "Your account in
> > > Microsoft Exchange Server does not have permission to sync with your
> > > current settings".  We've checked Outlook Mobile Access and Outlook
> > Web
> > > Access settings and they're both enabled.  We've Google this and
> tried
> > > just about everything we've found and still not working.
> > >
> > > For those who just tuned in, we eventually want to get this working
> > > running an iPhone through an ISA 2006 server to Exchange 2003.
> > >
> > > -Paul
> > >
> > > -----Original Message-----
> > > From: Ken Schaefer [mailto:k...@adopenstatic.com]
> > > Sent: Saturday, August 22, 2009 12:35 AM
> > > To: NT System Admin Issues
> > > Subject: RE: Still struggling with iPhone, ISA and SSL certs...
> > >
> > > Huh? PKI is relatively simple technology. Usually both parties need
> to
> > > trust a mutual third party (a CA). A similar concept to Kerberos or
> > even
> > > AD in general (both clients and servers trust DCs)
> > >
> > > The tricky part about PKI is all the processes you have around
> > managing
> > > your CA, key escrow etc. What is the actual issue you are facing?
> > >
> > > Cheers
> > > Ken
> > >
> > > -----Original Message-----
> > > From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
> > > Sent: Friday, 21 August 2009 10:12 PM
> > > To: NT System Admin Issues
> > > Subject: Still struggling with iPhone, ISA and SSL certs...
> > >
> > > As the Security Admin and I are still trying to get the
> > >
> >
> hell-spawned-demonic-iPhone-from-the-putrid-cesspool-of-caustic-industri
> > > al-waste-products to work through our ISA, we referred back to the
> ISA
> > > 2006 Migration Guide by Syngress.  The SA came in the morning and
> > showed
> > > me the following section in the book:
> > >
> > > "The topic of Certificate Authorities (CAs)and PKI (Public Key
> > > Infrastructure) is usually enough to drive many administrators away
> > from
> > > even considering SSL.  There are a number of reasons for this:
> > >  - The available documentation on certificate authorities and PKI,
> in
> > > general, is difficult to understand.
> > >  - The subject has the potential to be extremely complex.
> > >  - You need to learn an entirely new vocabulary to understand the
> CAs
> > > and PKI.  Often the documentation on these subjects doesn't define
> the
> > > new words, or they use equally arcane terms to define the arcane
> term
> > > for which you're trying to get the definition.
> > >  - There doesn't seem to be any support for the network and firewall
> > > administrator who just wants to get a CA setup and running so that
> he
> > > can use certificates for SSL and L2TP/IPSec authentication and
> > > encryption."
> > >
> > >
> > > Boy, that just seems to sew it up in a nutshell, doesn't it?  You'd
> > > think that if this opinion is as common as I believe it to be,
> > somebody
> > > out there could simplify the process somewhat...
> > >
> > > *thunk* *thunk* *thunk*  (head banging against desk...)
> > >
> > >
> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> > >
> > >
> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Reply via email to