Help with exchange server issue - 8525, TyTN, MDA Vario II, JasJam ROM Development

well i'm having problems with my Att 8525. I need to find a way for me to be able to connect to the exchange server at my office on an https connection. We just upgraded our security cert and now this issue keeps coming up. Does any one know how to fix it. Here is the error code: 0X8501001

lino8419 said:
well i'm having problems with my Att 8525. I need to find a way for me to be able to connect to the exchange server at my office on an https connection. We just upgraded our security cert and now this issue keeps coming up. Does any one know how to fix it. Here is the error code: 0X8501001
Click to expand...
Click to collapse
What I had to do was delete the server from the 8525 and then re-enter them. The first time it syncs OTA it should have some on-screen commands with buttons for you to hit "verify security settings" and create password for the device. You might have to download a signed security thingamijigger to it though, a certificate or whatever for it.
Hope This Helps,
Jim

I'll give it a shot right now! thanks!

Well that didn't work? umm i tried re-flashing the rom and nothing. Does anyone know how to allow HTTPS on the phone or a way for me not to use port 80 but port 443? thanks!!

Related

Disable Server Certificate

I've done some searching and one thread on this forum indicates it is not possible to Disable / Ignore Server Certificate checks.
While I have read that some roms have been cooked to do this?
Is there a hack or anything that I can apply to stop "server certificate is not valid" messages?
Thanks.
Lazarous said:
I've done some searching and one thread on this forum indicates it is not possible to Disable / Ignore Server Certificate checks.
While I have read that some roms have been cooked to do this?
Is there a hack or anything that I can apply to stop "server certificate is not valid" messages?
Thanks.
Click to expand...
Click to collapse
A little more information would be really great... Seriously, we know absolutely nothing about your device, ROM version, Exchange server version, etc...
Ah, I do apoligise, I thought it was generic and am fairly new to this!
I am running WM6 on a Vario MDA II.
The message happens when I try to connect to my internet provider to download POP mail.
Lazarous said:
The message happens when I try to connect to my internet provider to download POP mail.
Click to expand...
Click to collapse
So you've ticked the SSL required box on your pop settings for that account?
Does it need SSL? Try it unticked.
Yes. The SSL is ticked.
Without it, it does not work. With it, it works, I get the error -but- can continue.
So far I remember, it is possible to disable cert check (for WM5 at least). Someone posted the required reg tweak in the hermes forum a long time ago.
Good luck for finding it
The easiest way is still to add the CA to the trusted root
try this (worked on WM5),
http://winzenz.blogspot.com/2006/03/hacking-your-windows-mobile-50.html

802.1x Settings: Smart Card or Certificate?

I just installed the latest WM6.1 rom by Kavana. I'm trying to connect to my private/work network, and I need to use EAP type "Smart Card or Certificate", but only PEAP and TLS are listed. Are there any solutions to this issue? I searched on this forum, but could only find the same question asked (but not answered) here:
http://forum.xda-developers.com/showthread.php?p=2028467&highlight=Smartcard#post2028467
Thanks!
Sorry for the lack of details but I had a similar problem. There are several google references to various ways to get certificates working. You can also disable certificate checking which is what I elected to do for now.
To force WM5 or WM6 to accept the PEAP server's certificate without attempting any other validation, add the following registry key:
[\HKLM\Comm\EAP\Extension\25\]
"ValidateServerCert"=dword:00000000
This worked for me. More good hacks and the full article/blog http://www.mobilewave.ro/forum/topic-2549.html
Can you link to those several references on google? Why is the smartcard or certificate option missing from this rom anyway? Are there any registry hacks to get this option back?
Hey man, do your home work and google and you can always change the registry entry if you think that the network your are connecting too is not trustworthy. Otherwise I think you will spend many hours of trial and error like I did.
I tried
"ValidateServerCert"=dword:00000000
I am still not able to connect to network. Also as said above, the TLS is not showing the certificates & smartcard. Also when I click on TLS "properties" nothing shows up. I have certificates installed, I can see it from Settings->Security->Certificates.
Any help. It is getting very frustrating.
Bump. Please chime in.

At my wits end...ActiveSync error 0x80072f0d

I have searched for 2 days all over the net on how to get rid of this error and have tried every way to import my owa certificate but no matter how i do it, the certificate will not install in the root folder which, from everything i have been reading, is why i can't get my sync to work.
Does anyone have any idea how to install the certificate to the ROOT folder and not the INTERMEDIATE folder?
Thank you
Ex2003 SP2 I gather..
Is the cert installed (and working!) on the server? can you access OWA?
Where did you get the .cert from?
Try grabbing the .cert from your OWA page...
yes i can get owa access however i dont know how to check on server as it is my work server. i am getting the cert from my owa page and am installing however it is installing the cert to the intermediate folder and the root folder thus it wont sync.
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
buckaroo said:
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
Click to expand...
Click to collapse
well ya that will work but isnt a very good idea at all for security purposed.
It's not the site cert you need, it's the Certificate Authority cert you need to install on the device, so the device will trust the body that issued the cert to OWA.
If you're the one running the Exchange Server, go to your Certificate Server (ie http://exchange/certsrv ) and click on the "Download a CA certificate, certificate chain, or CRL", then "Download CA Certificate". Install THAT certificate on your device.
Otherwise, direct your IT people to forward you a CA Certificate.
If you built the Exchange Server yourself, you might want to have a looksie here http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
gregorypleau said:
It's not the site cert you need, it's the Certificate Authority cert you need to install on the device, so the device will trust the body that issued the cert to OWA.
If you're the one running the Exchange Server, go to your Certificate Server (ie http://exchange/certsrv ) and click on the "Download a CA certificate, certificate chain, or CRL", then "Download CA Certificate". Install THAT certificate on your device.
Otherwise, direct your IT people to forward you a CA Certificate.
If you built the Exchange Server yourself, you might want to have a looksie here http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
Click to expand...
Click to collapse
thank you, this makes more sense now.
buckaroo said:
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
Click to expand...
Click to collapse
Well, so much for your IT department. They shouldn't let the server authenticate w/o the certificate.

Froyo and exchange

I've searched everywhere but cannot find a solution that works.
I've just got a HTC Desire but cannot get ActiveSync to work. No one other has a Desire with froyo so I cannot get any help here. (they do got iPhones or window phones, which all can sync)
I use the exact same settings as they do, however whatever I do I get "authentication failed", and I know that I user correct domain/user/pass.
I tried owa through the browser and that worked fine. I checked the certificate and that was valid. Any ideas?
We run exchange 2003
go check the exchange original certificate's host name.
This was the problem with my setup.
On 2.1 it didn't care, on 2.2 the domain(host name) must be identical to the actual certificate of the exchange.
yoxler said:
I've searched everywhere but cannot find a solution that works.
I've just got a HTC Desire but cannot get ActiveSync to work. No one other has a Desire with froyo so I cannot get any help here. (they do got iPhones or window phones, which all can sync)
I use the exact same settings as they do, however whatever I do I get "authentication failed", and I know that I user correct domain/user/pass.
I tried owa through the browser and that worked fine. I checked the certificate and that was valid. Any ideas?
We run exchange 2003
Click to expand...
Click to collapse
I'm going to assume you are running Froyo - as most exchange servers require remote wipe and unless your device meets the minimum security requirements it will not work.
Have you installed the certificate? (This may not be necessary as ActiveSync pulls the policies from the server)
Settings > Security > Install from SD Card
Froyo supports ".cer" certificates so you should not have a problem here.
Here is the main thing, in security you need to make sure you do the following:
Change screen lock - make sure you set a PIN password (MUST BE PIN!) If you have pattern password enabled you will not connect.
Lock phone after - this should be set to "Immediately"
After over a week of trying to get it working on my Desire changing to PIN password is what I had to do. Let me know if this works for you.
Failing this download the demo version of TouchDown from the android market and try to connect using the "Automatic" method - if it fails it should give you more details on what the actual problem is or you can always email NitroDesk who make the app for help.
Thanks will try!
tried and it did not help. I'll check with the retards managing our echange. My colleague tried with his user/pass and it worked straight away. there's something wrong with my user i guess.
There is a bug with certain configurations of Exchange 2003 where IIS will throw an error when you log in, if your password is set to expire within 14 days.
Try to log in with outlook web access and see you get "HTTP 401 Unauthorised".
If you do, and press F5 and see if it lets you in. If this happens then you just need to change your password and it should start working on your Desire.
Thanks for your answer st0kes, but it did not help. I can access OWA without any problem. I have tried to set a new password but that did not help either.

Exchange issue

Hi,
I have a question about exchange setup. Is a data plan with enterprise mandatory? or can we use it over wifi?
I am trying to setup my corporate exchange. I installed cerificates from email (after lot of searching) and initially it gave certificate error and i went my ie in laptop and pulled all certificates and installed. Now it just says 'there is a problem with the setup error code 85010004'. Please help.
I searched and could not find any more help anywhere.
Thanks & Regards,
Murty.
Maybe this is too simple, but you do need to reboot the phone after installing the certificates; have you tried that?
I have set up exchange activesync over wifi, and it works fine without a cellular plan.
Thanks for confirming for WiFi.i checked with exchange admin and they said I don't have access. I raised request and fingers crossed for now.

Categories

Resources