I have been trying to get my 8525 to do OTA Push Mail from our corporate Exchange 2003 SP2 server here where I work. I am the admin so I have access to the Exchange server and all settings are correct on the server itself to deal with OMA.
I can use the web browser of my 8525 and actually browse to our server and view both OWA and OMA directly, but when I configure the server through Activesync it always comes back with error code 80072ee7 (server name not resolved) error.
I am running vp3g's official v3 AT&T rom, and radio 1.48 if that matters. But here's where I think my problem lies and maybe someone with more experience regarding this can correct me if I'm wrong. We are running our OWA site on a high port number above 50000. We also have the OWA site under a subdirectory of the server. When I configure the server in Activesync, I enter the servername, port number and path to the OWA site, but once AS fails and I look at the server setting I find that it has dumped any path information and only keeps the server name and port number info.
So am I correct in assuming that M$ direct push only works with a server where the OWA site exists off the root directory of the IIS server? Or can it support paths into the site?
Actually push email relies on the Microsoft-Server-Activesync web application, and has little to do with OWA/OMA. I seem to recall that specifying port numbers and/or directory paths won't work though... May I ask why you're running the Exchange web services in such an unusual manner? Are you hosting other sites in that same IIS server as well?
kltye said:
Actually push email relies on the Microsoft-Server-Activesync web application, and has little to do with OWA/OMA. I seem to recall that specifying port numbers and/or directory paths won't work though... May I ask why you're running the Exchange web services in such an unusual manner? Are you hosting other sites in that same IIS server as well?
Click to expand...
Click to collapse
Actually that's the way it was set up before I started with the company. We have outside sales people that use the site and they felt it would be slightly more secure if it wasn't sitting on port 80 like most web sites. The boss won't let me change the port number at this time.
So activesync on the 8525 won't allow a port number? I thought it would because it keeps that in the server config info it'll dump any path info, but I figured out the path was not needed after a little tweaking. I just can't do anything about the port at this time.
I'm with kltye... don't think push has much (if anything) to do with OWA/OMA. It runs over port 443 (https). I believe it actually starts on port 80 (http) then switches to 443, but I'll spare you the ugly details on that one. Only need to know that for firewall config purposes.
Drop the port # and path and see how that goes.
Codevyper said:
Actually that's the way it was set up before I started with the company. We have outside sales people that use the site and they felt it would be slightly more secure if it wasn't sitting on port 80 like most web sites. The boss won't let me change the port number at this time.
So activesync on the 8525 won't allow a port number? I thought it would because it keeps that in the server config info it'll dump any path info, but I figured out the path was not needed after a little tweaking. I just can't do anything about the port at this time.
Click to expand...
Click to collapse
Security through obscurity eh?
I'm with vp3g as well: doesn't the https site run over 443? If it doesn't, maybe you can create a new Website and use the same settings as the original Exchange-Activesync web app, but have it listen on 443 for https. Are you able (i.e. "have permission") to open up port 443 on your corporate firewall?
Just did a quick perusal of my Exchange Server... appears as though push is an extension of OMA. If you don't have a Microsoft-Server-ActiveSync virtual directory off the Default Web Site (or some site listening on ports 80 & 443), you may be hosed.
Possibly related, but do you have a trusted SSL cert installed on the server? Without that, you might have a problem connecting.
vp3G said:
Just did a quick perusal of my Exchange Server... appears as though push is an extension of OMA. If you don't have a Microsoft-Server-ActiveSync virtual directory off the Default Web Site (or some site listening on ports 80 & 443), you may be hosed.
Click to expand...
Click to collapse
Yeah that's what I figured. I have the ActiveSync virtual directory within the Default Website along with OMA, but the server is listening on ports 60000 & 443 rather than the typical port 80.
You would think there would be a registry hack for AS on the mobile device whereby you could specify a non-standard port for syncing.
TaurusBullba, to answer your question. We don't have a cert (yet) for the Exchange server. That however doesn't matter for normal http connections, only if I attempt to use port 443 as the connect point for AS. Before the year is out, we'll more than likely acquire a cert for that server as well as our http server, but at the moment. I got nothing.
Inline........
Codevyper said:
Yeah that's what I figured. I have the ActiveSync virtual directory within the Default Website along with OMA, but the server is listening on ports 60000 & 443 rather than the typical port 80.
60000 is probably the killer as I noted earlier that push starts on 80 and jumps to 443.
You would think there would be a registry hack for AS on the mobile device whereby you could specify a non-standard port for syncing.
I think it was built around 80/443 to avoid client-side firewall issues.
TaurusBullba, to answer your question. We don't have a cert (yet) for the Exchange server. That however doesn't matter for normal http connections, only if I attempt to use port 443 as the connect point for AS. Before the year is out, we'll more than likely acquire a cert for that server as well as our http server, but at the moment. I got nothing.
You can do a "self-signed" certificate (i.e., generated by Windows Server) at zero cost. Downside is that it must be exported, copied to the device and installed.
Click to expand...
Click to collapse
vp3G said:
Inline........
Click to expand...
Click to collapse
Thanks for the help everyone. We will be building a new Exchange server later this year and I'll push to throw the site back on 80 at that time. In the meantime, I'll try the self-signed cert and see if that gets me in. Thanks everyone for your help! This site is a great resource for WinMo newbies like myself. BTW vp3g... lovin your AT&T v3 ROM. Solid and no problems overall!
BTW, I don't think ActiveSync starts off with port 80 - I was running a personal Exchange server off my cable connection whose incoming port 80 is blocked and everything worked fine using only 443. Good luck with the setup!
Related
Hi ... I have a problem with the configuration of my email account.
I need to change the default SMTP port 25 with another because my ISP use another ... How can I change It?
The version of my ROM is 3.30.
THNX.
ekkelon said:
Hi ... I have a problem with the configuration of my email account.
I need to change the default SMTP port 25 with another because my ISP use another ... How can I change It?
The version of my ROM is 3.30.
THNX.
Click to expand...
Click to collapse
Apologies if I am wrong on this one but don't you just add it to the end of the mail server address in options?
ie. if mail server is : mail.server.com and you want to use port 2525, then you put in:
mail.server.com:2525
I cant get this to work - anyone know if it would be possible to create a cooked rom with a given port hardcoded into the pocket outlook app?
Dave.
port 2525 sounds like a socketmail email service
nah, 2525 is a common mail services alternate port to get around the ISP's blocking of port 25.
My mail service will also use port 587.
Anyway adding :2525 after the mail.server.com works fine here.
serverort does work
I am using servernameortnum currently in WM6 on my hermes, so it does work.
I am using port 465, the secure SMTP port. that, or 587 (the mail submission agent port) is likely unblocked by ISPs, but you would have to make sure that the server is listening there, and you will almost certainly need to authenticate to the smtp server. Many servers will only allow authentication over a secure link, so you might need SSL enabled too.
I had trouble however with SSL and SMTP AUTH in pocket outlook. If anyone else does, this might be useful: http://lists.exim.org/lurker/message/20040609.135310.ba09a6e4.html
Based on that link I ended up needing to make sure my mail server started conversations on port 465 in SSL/TLS mode (rather than waiting for a STARTTLS). For anyone using Exim, that means setting "tls_on_connect_ports = 465" in your config. For people using a commercial mail server, you might just have to try lots of ports and setting permutations.
So the short version is that serverort does work, but there are other concerns as well.
note that is "colon" "p". or a dumb looking little face.
I am currently using WM6 and am trying to get EMail through our Exchange server setup; however, my Dash s620 will not properly save the server's address.
The address for our OWA is (ex) mail.email.com:8888/exchange
and this address works fine in Internet Explorer etc, but when I enter this into the phone it removes the /exchange and only saves up to :8888, which then gives me "Error synchronizing" when trying to connect. Our Exchange server does have Exchange ActiveSync enabled along with Direct Push enabled.
Any ideas?
Thanks in advance
I think that you have to check your ActiveSync settings on Exchange. I know that Microsoft have a lot of KB's about that.
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
jt76542 said:
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
Click to expand...
Click to collapse
Yeah I've tried every which way I could think of for the login credentials.
I'll sift through some more MS articles tomorrow afternoon, see if I can't find anything... baffled though, really.
K this is going to be a huge PITA I can tell.
I adjusted the Virtual Directory for the default web site in Exchange System manager to point directly to /exchange, eliminating the need for anything after the :8888. It works fine in IE etc, quickly brings up a login prompt. Using the phone's IE and going to the http://mail.email.com:8888 works fine, prompts a login accordingly...
I configured a coworkers Blackberry to use our OWA and it works fine, but I'm not sure if it uses Push Email (Exchange ActiveSync).
What is it about the Dash that won't mesh? The server is not using SSL so I couldn't see it being a certificate issue (maybe it still is?). Is there anyone around who manages an Exchange Server and could perhaps shed some light on common settings that need to be adjusted for Exchange ActiveSync?
Such a nuisance
ActiveSync on the phone reports "The server could not be reached. Please verify the server name." Support code: 0x80072EE7
It reports back with this no matter how I enter the address (which again, works fine in IE). Devil phone
8888 is definetly not standard for publishing ActiveSync.
the software will connect to either MailServer:80 if the SSL checkbox is cleared or MailServer:443 if the checkbox is checked.
don't think you'll get ActiveSync connect to something else.
Why don't you change your port back to 80?
you are already exposing your server to internet without any form of protection (no SSL so your password can be sniffed over the network) and having port 8888 buys you nothing in terms of security since any port scanner will report the port as opened and eventually get the HTTP banner from the IIS Server.
So, get back to a standard config and you'll love your DASH again.
UM
hey guys,
am desperately trying to fix my home based exchange server. it's been running fine with 100% uptime since last december. about a week back i was twiddling with some settings in windows and completely destroyed it.
i lost my backup of the entier machine too (it's pretty much a dedicated box for exchange). hence did a rebuild.
however now i'm just not getting it to start up. symptoms:
- OWA (outlook web access) worked. both secure and insecure modes. works on my pc.
- does not work on my PDA - OWA works but no activesync
- disabled ssh and followed the instructions here
- the phone now gives error support code 85010004 "your account in microsoft exchange server does not have permission to synchronise with your current settings. contact your exchange server administrator."
kind of annoying!
- form based authentication is enabled
- basic authentication and integrated windows authentication are ON
- same error whether or not i require SSL.
any tips?
I occasionally get the exact same error message when I sync with my company's exchange server, I have to do a soft reset on the phone and then it works fine. No idea how to fix it so bump
we had quite a few issues originally and think this is one of them i think.
Most revolved around having a recognised accessible dns address that allowed a direct link.
never got ssl to work.
the other issue was getting appropriate certificates that were private to be issued when creating the sync partnership.
can u sync internally using exchange server via a cradled activesync?
get this 2 work first, then look to external push.
I ended up paying it engineers to get it to work over an sbs 2003 box as it was all to much.
but dns addresses being made public, that were also accessible internally (reverse lookup i think) along with no ssl and certificates being correct were our main hurdles.
issue fixed i'm all live! after all that effort i really feel i should open this up to those who don't want to spend days fixing it up...
check http://forum.xda-developers.com/showthread.php?t=346022. currently looking for testers for 1-2 days before i make a subscription based service!
Long time user of windows mobile devices and long time reader of this great forum ( well nearly 2 years anyway )
I've not contributed much as I dont posses the knowledge that some of you guys have.
For those new people that come on here the only advice I would ever give is search and read, the answers are nearly always there.
Anyway on to my point.
I have just set up an exchange server ( windows small business server 2003 ) and have things syncing across the airwaves nicely.
Laptop, desktop and mobile device all saying the same thing with no duplicates poping up. ( Always seemed to be a problem when syncing between two computers, for me anyway )
Also able to use Outlook Web Access.
Set this up for myself for a couple of reasons, firstly to make sure all computers where synced properly and secondly because it was worth a challange to learn how to do it.
If there are any people out there that would like the facility that exchange server gives PM me, as i will give it a go setting it up.
You will get exchange server syncing ( calender, contacts, tasks and emails ) with desktop/laptop outlook, outlook web access and an email address that you will can use to forward existing mail to. ( sorry only way to get emails to you )
Going to open this up for a couple or more people mainly to get it working properly. ( so far no problems for myself )
If I do open it up for more a donation would be nice to help pay for the outlay of equipment and for the increase in my electric bill to keep it going.
So if anyone is interested feel free to PM me.
What do you have it running on? Looking at doing the same myself.
Just a bog standard computer, nothing special
An old MSI K8 Neo motherboard with an Athlon 64 3000 2 Gig ram
Dual 250 gig discs in raid mirror for data
and a 120gig for operating system
Windows 2003 small buisness server with R2 technologies
it was also an excuse to upgrade by desktop as well.
well chuffed with how seamlessly it works with the syncing.
do you have microsoft direct push enabled on that exchange server? I would like to do that myself, don't know if it's possible
Yes got it set up.
They call it direct push but i think it goes more along the lines of your phone keeping a link open to the exchange server then as soon as an email is recieved it gets pushed across.
From what ive seen so far i'm sure the battery life is longer now than having the phone looking at a set time period for new mail.
Easy to set up as well, especially the phone side.
thanks, is the direct push functionality included in exchange server. Is it on the install cd's? I'd like to install it for my own domain, don't want to spend lots of money on blackberry server or services.
2.edge is enabled all the time on your phone, just as with blackberry? Does your phone send data at an interval, or is it the server that sends?
You need to make sure you have SP1 or R2 Technologies version for direct push with the server software
you have to set up a user profile that has permission to you the mobile services.
Also if your on a dynamic ip address its handy to have an external service set up to keep track of any changes there. And to get the full use of the server a domain name.
on the phone side you go to activesyn, and in the menu is configure server option. configure the server and thats it done.
The phone does seem to have a data connection all the time.
While i'm at work today i will write out the steps i had to do to get it working fully.
at work now so here we go :-
1) Get a domain name www.
2) If on broadband and on a dynamic IP use the services of someone like zoneedit for redirection.
(for remote access) vpn.yourdomainname to your broadband ip address
(for mail ) mail.yourdomainname to your broadband ip address
(for web ) www.yourdomainname to either your ip address if hosting it on your server or to the ip address of your web host.
(for ftp access ) ftp.yourdomainname to either your ip address if hosting it on your server or to the ip address of your web host.
follow the other instructions on zoneedit to forward the dns server addresses to your domain name admistrator.
3) Get Windows SBS or Server 2003 SP1 With R2 Technologies
4) Load onto a PC
5) Make sure all service patches and updates are loaded.
6) Download a program for updating any changes of dynamic IP address such as DirectUpdate and set up a couple of updates to the vpn mail and ftp.yourdomainname. ( easy enough follow the instructions )
7) Go through the todo list and set up wizards on the server.
a) make sure when setting up email and internet that in the creation of a certificate you put in vpn.yourdomainname
b) also make sure when setting up user access they have privilages for mobile access
8) go into internet explorer, content menu and find the certificate you have created and export it.
9) connect your phone via activesync to a computer connected to the server network and copy over the certificate.
10) run the certifcate on the phone to install it.
11) go to activesync on the phone ( can disconnect for this bit ) and set up exchange server using the vpn.yourdomainname
12) after that it should sync
I may have missed a couple of steps in that or have done something wrong but it is all the steps i can remember and it worked for me.
I can't get my exchange setup and am really wanting to find a way to at least get (don't need to respond even... just view).
I have all my info the phone asks for for exchange, but I get the following message when it trys to connect:
Your Microsoft Exchange Server account does not have permission to synchronize with your current settings. Contact your Exchange Server administrator.
Click to expand...
Click to collapse
I've also tried setting up a rule in outlook to forward all incoming mail to a gmail account and that's not working either.
Are there any other options I have here? Corporate won't even talk to me (I tried) because they support ONLY phones they provide and they didn't provide this one (they're blackberry fanboys).
I used to have a blackberry (not one they provided) and could get email fine on it through BIS. Is there anything like BIS for phones other than BB? Something where you set up an exchange account online with the service and they then forward the mail to your phone or something?
I was able to setup my Exchange support no sweat. This is the first android device available in the US that can handle the harsh security policies set forth by my company. Works great.
You need to make sure you have the following info:
Account name
Password
Domain
Email Address
Server <this may be your issue>
whether or not they support SSL
The server is most likely not "yourcompany.com". For example my company uses "webmail.yourcompany.com". Secondly, your account name should be the same as your email address with the "@yourcompany.com" part. Its possible for it to be different. You should be able to get the domain name from your corporate PC/Laptop. aside from that, just try with the SSL option. If that fails try it again without.
byproxy said:
I can't get my exchange setup and am really wanting to find a way to at least get (don't need to respond even... just view).
I have all my info the phone asks for for exchange, but I get the following message when it trys to connect:
I've also tried setting up a rule in outlook to forward all incoming mail to a gmail account and that's not working either.
Are there any other options I have here? Corporate won't even talk to me (I tried) because they support ONLY phones they provide and they didn't provide this one (they're blackberry fanboys).
I used to have a blackberry (not one they provided) and could get email fine on it through BIS. Is there anything like BIS for phones other than BB? Something where you set up an exchange account online with the service and they then forward the mail to your phone or something?
Click to expand...
Click to collapse
BIS is different than Exchange, it connects to Exchange but does it's own thing with email, calendar, etc..
If you have never connected to your Exchange server using ActiveSync, it would need to be configured on the Exchange server.
The forwarding is also an Exchange server side configuration that the "fanboys" would need to setup.
I know you can have gmail check email on an external account, did you try configuring that?
okay... so if you don't mine i'll post the info you're saying i need with what i think the information is based on what i'm pulling from my outlook on my work computer. i'll change the info though to keep things secure. this is what i'm asked for when i try to create the account and what i'm entering:
email address: firstname.lastnameATcompanyDOTcom
server address: two options here and i've tried both. the first is listed as the microsoft exchange server on the first window that comes up when i select the account: letters-letter22.ab.lettersDOTnet the second is listed under more settings > connection > exchange proxy settings: ab.lettersDOTcom
domain name: i'm not sure of this one but figured it was one of two things. the first would be what i type in before my username when logging in: ab-letters (so when i log in i type (ab-letters\username). the second would be the url for the OWA option which is: companymailDOTcom
username: again, i've tried two options one is just my username and the other is my full login as needed when logging into outlook or OWA (ab-letters\username).
password: password
and i've tried with both the ssl box checked and not checked.
that said, what am i missing or entering wrong? thanks for the help!
mycomputerisjunk said:
BIS is different than Exchange, it connects to Exchange but does it's own thing with email, calendar, etc..
If you have never connected to your Exchange server using ActiveSync, it would need to be configured on the Exchange server.
The forwarding is also an Exchange server side configuration that the "fanboys" would need to setup.
I know you can have gmail check email on an external account, did you try configuring that?
Click to expand...
Click to collapse
i tried the gmail option. said the server didn't allow for pop access.
use the address you use to access webmail. usually it's
owa.company.com
webmail.company.com
mail.company.com
if they don't allow MS ActiveSync I don't know what you can do.
if POP or IMAP is not an option, and the forward is not working (most companies don't allow that as a data leakage prevention) there is little to nothing you can do.
just weird they don't allow ActiveSync. you would read emails out of the office and become more efficient. very bad business policy.
when i log into OWA... the address is:
h t t p s :// w w w .companymail.com/OWA/
(sorry for the spacing... won't let me post urls)
will that not work?
byproxy said:
okay... so if you don't mine i'll post the info you're saying i need with what i think the information is based on what i'm pulling from my outlook on my work computer. i'll change the info though to keep things secure. this is what i'm asked for when i try to create the account and what i'm entering:
email address: firstname.lastnameATcompanyDOTcom
server address: two options here and i've tried both. the first is listed as the microsoft exchange server on the first window that comes up when i select the account: letters-letter22.ab.lettersDOTnet the second is listed under more settings > connection > exchange proxy settings: ab.lettersDOTcom
domain name: i'm not sure of this one but figured it was one of two things. the first would be what i type in before my username when logging in: ab-letters (so when i log in i type (ab-letters\username). the second would be the url for the OWA option which is: companymailDOTcom
username: again, i've tried two options one is just my username and the other is my full login as needed when logging into outlook or OWA (ab-letters\username).
password: password
and i've tried with both the ssl box checked and not checked.
that said, what am i missing or entering wrong? thanks for the help!
Click to expand...
Click to collapse
Your Email:firstname.lastnameATcompanyDOTcom
Your Server: companymailDOTcom <-- most likely your OWA server
Yoru Domain: ab-letters <--- from ab-letters\username
Accountname: username <-- from username
password: password
That should be enough. Of coarse try the SSL option both ways.
Here.. When we deployed our exchange server this is how we setup the server.
The main 2 things you need to know is email server and active directory domain. For this example ill use:
Email Server: mail.company.com
Domain: company.com
So..
Email: [email protected]
Server: mail.company.com
Domain: company.com (in some cases, it can be left blank)
Username: myname
Password: pass
Depending on how things are configure, sometimes you may need to use company\myname as the username, but most times not.
Also, as I mentioned before.. It really depends on how things are setup. If the server admins don't allow activesync, your out of luck. Also, things like hub transport servers in the mix can effect how email is accessed as well. If your admins can't give you the info you need for this... Um, perhaps they need to find other work.
mycomputerisjunk said:
Domain: company.com (in some cases, it can be left blank)
Click to expand...
Click to collapse
By domain, it looking for your PDC (Primary Domain Controller). Not your companies URL domain unless you somehow named your internal PDC the same thing.
This would be the part that he types just before his username during his authentication sessions.
Let us know how you fair.
tried every suggestion offered here. sadly, no dice. i get the same security warning i mentioned in my first email. given that my previous BB was NOT issues by corporate yet i was able to retrieve work email fine (through BIS of course), i can only assume that they've somehow managed to set up the system so that it doesn't work with anything other than BIS or BES.
looking for any other possible solutions/alternatives. as i mentioned before, the whole forwarding thing didn't work so unless there's another way, gmail isn't even an option. any thoughts?
All out of ideas for getting email and events pushed to your phone. You can use the HTC Sync App and do it at the desktop. Also the OWA client works great in the web browser.
Lastly, you can escalate internally, but I'd recommend writing up a small business case to demonstrate the benefits before you do so. They did that in my company and that got use away from having to use Good Link.
If you can get your exchange administrator to agree to allow Activesync connections for retrieving mail, you could use an app like Nitrodesk's Touchdown v5 (for 2.0 and above).
Been using it on my Droid and it's stable and reliable if a bit choppy when swapping inbox folders.
Hope that helps.
Sent from my Droid using the XDA mobile application powered by Tapatalk
ya. i tried that one too just in case to i knew for certain it was on their end and not something with the phone. nice program.
sadly... no help. there's no way i'm going to convince them to do anything different than what they're doing now. when i say i work for a corporation, i mean i work for a CORPORATION. LOL. it's frikin huge with tons of employees, all over the world. that makes me a tiny little bug. LOL. when i made my call to IT they wouldn't even talk to me about anything email-cellphone related since i'm not high enough to even be considered for a corporate issued BB. LOL.
i do have one more chance. i can't remember what options are available in BIS, but my wife is going to take over my storm1 now that i have the new incredible. we're going in today to make the swap. my hope is that i can set my work email up in BIS as i did before but then auto forward it to a gmail account from within BIS. will be nice if i'm able to do this though it's still stupid that they don't let their frontline workers have access from their personal cellphones.
well, i made a bit of progress today. i still haven't connected yet, but after adding my account to BIS i was able to view the email server it uses to connect to the exchange server which is different from the one i was using before.
that said, i'm not getting that security msg i was getting before. now, though, i keep getting a message saying i can't be authenticated. i've tried lots of different options for the username to see if i could get in with no luck. any thoughts? i feel like i'm closer... but still so far away. thanks for the help!
cyberstraz said:
If you can get your exchange administrator to agree to allow Activesync connections for retrieving mail, you could use an app like Nitrodesk's Touchdown v5 (for 2.0 and above).
Click to expand...
Click to collapse
Personally, I like the one built in to incredible more than the touch down app. I can see it all using the HTC widgets in Sense. Its very nice.
found a work around i thought i'd share. it's not great by any means, but it lets me view work email on my phone.
i setup a seperate gmail account just for work. then in outlook on my work computer i added the gmail account as an imap. then i created a rule to copy all incoming mail to the gmail inbox folder in outlook. this then syncs (obviously) with the gmail account and i pull the gmail to the phone through the native gmail app. it requires me leaving my computer at work on 24/7 but it's the only solution i could come up with for the time being.
Can anyone confirm if the incredible deals with the issues raised in this post ? code.google.com/p/android/issues/detail?id=4475 e.g. remote wipe/Simple Pin request etc?
Thanks.