I work for a fairly large company and they have not received and lodged the certificate with the new server. When trying to connect I get the following....apparently other phones (iphone, nokias allow you to over-ride and hook up anyway)
"Result:
The security certificate on the server is not valid. Contact your Exchange Server administrator or ISP to install a valid certificate on the server.
Support code : 0x80072FOD "
Any help would be gratefully received.
Thanks again
2 options...
1. Turn OFF SSL when connecting to their exchange server. There is an option in TP2 to do that when you are configuring/editing username/password.
2. try https://yourexchangeserveraddress.com on a desktop browser
if it connects, then download the certificate on your pc and transfer it to your TP2, go to file explorer, click on it and it will install fine. It should connect fine afterwards with SSL on.
Powersquad
Thanks and have tried both options (turn off ssl and downloading) but to no avail....
Any ideas?
Thanks again for the input
Related
Really need some help here. Here's the scenario
I have 1 exchange 2003 SP2 server. No Frontend Server just 1 node. Currently i have SSL enabled and i can use OWA and OMA but not Activesync. I simply get a password prompt again and again.
If i untick require SSL and use port 80 my JasJar syncs over Activesync direct to the server over GPRS no worries, but cant do this as company policy requires SSL.
Questions
1. Has anyone got Activesync working on their Mobile 5 device with a single server setup (no frontend and Backend) with SSL enabled.
2. I dont really need OWA or OMA just activesync over web is their a way i can use SSL for Activesync if i am not worried about the others?
3. If i really need a frontend server is this a pain to do and do all my users internally still access the old (backend) or do they need to repoint to the frontend? In addition in this case would the frontend server also become the server with the internal to internet exchange smtp connector?
Really stuck. If anyone can help i would be very greatful.
Thanks
Yes, I have exchange 2003 sp2 single server working over ssl. Did you have activesync working on your exchange server running sp1 using AUTD?
Is the name on your ssl certificate the same name as the server name you input into active sync on your device? It must match exactly.
Is your certificate publicly recognized by a authorized certificate reseller or did you export and enroll cert into your pda?
Does outlook activesync work over http connection setup on a desktop or laptop using ssl sync?
Can you use activesync using http connection on an outside network to connect to exchange with outlook?
I would guess it has something to do with the certificate name vs the name of the server on your pda...Just a guess tho.
Didnt have running prior to SP2.
Certificates matches exactly and public signed /recognised.
Activesync over a desktop does not work over ssl.
I can use Activesync over http from the internet as well as oma and exchange OWA on standard port 80 http just not ssl.
I have followed the microsoft instructions to create another ExchDAV without SSL for single node scenario which is why oma started working.
I am running EXSP2 single server configuration with SSL enabled. I am using the CACERT free Certificate. You need to import the ROOT of your CA into the PDA.
Take a look at www.msexchange.org there you have to search for the apropriate article.
Cert
Ok, when you used the freecert and imported to root how did you get your JasJar to ignore the fact that the certifcate is not from a trusted authority other than importing onto the device?
I did hear something about a Secure=0 entry in the registry?
If you can save the root authority and server certificates to your PC as CRT files I think, then you can transfer these over to the jasjar and then just tap on them to import them
Thats what I did
Check this:
http://support.microsoft.com/default.aspx?kbid=817379
Check if you can access OWA or OMA over SSL without Ceritifacte error.
If you get error you shoud copy the CA certificate (CRT file) to Universal, rename it to CER and import it.
Good luck!
And one more thing, if youre using Method 2 in KB817379, you should allow access to all your network interfaces in Exchange-OMA Virtual Directory.
Trying to configure OWA access through GPRS with WM6 here with difficulty. Have browsed the forums and many people have the same issue. It is not a problem of certificates because I do get access through Internet Explorer. The problem is that the " /exchange " termination is automatically deleted from the server address necessary for the connection to my OWA.
Is there any way I can cheat WM6 to leave /exchange at the end of the server address ?
Thanks.
Same issue
I'm also having the same issue as you. So far I have had zero luck using activesync on my WM 6.1 device. I haven't found any 3rd party software that will work either. I find this rather hard to believe since the Palm OS has Chattermail++ that lets you sync multiple exchange server email accounts on the same device, and that's been working for years. Surely someone has found a solution to this?
After days of hard work with Exchange 2007 i figured out how to synchronize with exchange account
First my scenario
Internet<----->ISA 2006 server <---->Windows 2008 DC+Exchange 2007
[email protected] is my mailbox
windows 2008 FQDN: server.domain.local IP address: 192.168.1.254
Internal Isa server FQDN: isa.domain.local IP address:192.168.1.1
Internet FQDN exchange.domain.com
To works everityng fine i have to do a lot changes in the systems
1.Create a new Certificaet Template from WEB Server templates and add option to that cert to "Export Private key"
1.Generate request with "New-ExchangeCertificate" command in Exchange 2007 shell - you can use this site https://www.digicert.com/easy-csr/exchange2007.htm
1.1.In common names field add server.domain.local,server,exchange.domain.com,autodiscover.domain.com,autodiscover.domain.local and etc.
1.2.Create the new certificate in the local Certificate Authority from generated earlier request
1.3 Install the new cert in Internet Explorer .Export the certificate With "Private Key"
1.4 Install the certificate in >mmc>certificates>computer certificates>Personal
Iport the new certificate with import-exchangecertificate command
1.5 Add CA root certificate in Trusted root certs in the same console
1.6 Repeat steps 1.4 and 1.5 at the Isa 2006 server
2.At your local DNS server create a new Host A record for
autodiscover.domain.com > 192.168.1.254
3.Open ISA 2006 console and create Exchange publishing rules for Active-Sync
3.1 Create a new listener on port 443 with Basic Authentication and select the right certificate which you create at point 1.2
4.Create a new DNS HOST A record in your external DNS server for
autodiscover.domain.com > Your external IP address
5 Install Root CA file on HTC device
Open HTC and try to enter [email protected] and password for the exchange accout
Cross you fingers and wait ,if everithyng works fine your mail client will automatically configure itself
If there is an error you have to investigate
Common errors:
1.You do not have the correnct certificates on Device or there is an error in ISA configuration - YOu must have root ca cert installed on device
2.Autodiscover is not working -missconfigured dns records
How to test connection:
from any browser in or out the organization you have to open https://autodiscover.domain.com/autodiscover/autodiscover.xml with no Cert error.
The main diference between exchange 2007 and 2003 is that that by default
Web applications on iis 6 in exchange 2003 are working on http
To access securely Active Sync you must use SSL - https protocol.That is wy we create some cerficates earlier.
If there is any error with autodiscovery function-a you should add server in Outlook mobile not with the https:// address but with FQDN name only
Ot server just add: exchange.domain.com and check SSL option.
There are many toutorials how to install Exchange system and in every toutorial the most important is how to create Certificates.
That scenarion is with local CA in the organization.
Good luck .
Emoze
BPB21 said:
I'm also having the same issue as you. So far I have had zero luck using activesync on my WM 6.1 device. I haven't found any 3rd party software that will work either. I find this rather hard to believe since the Palm OS has Chattermail++ that lets you sync multiple exchange server email accounts on the same device, and that's been working for years. Surely someone has found a solution to this?
Click to expand...
Click to collapse
Have an issue with IT Admin blocking ActiveSync (organization has standardized on BlackBerry).
Am using the Emoze (www.emoze.com) client to retrieve mail. It retrieves mails on your device using OWA, instead of ActiveSync.
I am currently using WM6 and am trying to get EMail through our Exchange server setup; however, my Dash s620 will not properly save the server's address.
The address for our OWA is (ex) mail.email.com:8888/exchange
and this address works fine in Internet Explorer etc, but when I enter this into the phone it removes the /exchange and only saves up to :8888, which then gives me "Error synchronizing" when trying to connect. Our Exchange server does have Exchange ActiveSync enabled along with Direct Push enabled.
Any ideas?
Thanks in advance
I think that you have to check your ActiveSync settings on Exchange. I know that Microsoft have a lot of KB's about that.
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
jt76542 said:
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
Click to expand...
Click to collapse
Yeah I've tried every which way I could think of for the login credentials.
I'll sift through some more MS articles tomorrow afternoon, see if I can't find anything... baffled though, really.
K this is going to be a huge PITA I can tell.
I adjusted the Virtual Directory for the default web site in Exchange System manager to point directly to /exchange, eliminating the need for anything after the :8888. It works fine in IE etc, quickly brings up a login prompt. Using the phone's IE and going to the http://mail.email.com:8888 works fine, prompts a login accordingly...
I configured a coworkers Blackberry to use our OWA and it works fine, but I'm not sure if it uses Push Email (Exchange ActiveSync).
What is it about the Dash that won't mesh? The server is not using SSL so I couldn't see it being a certificate issue (maybe it still is?). Is there anyone around who manages an Exchange Server and could perhaps shed some light on common settings that need to be adjusted for Exchange ActiveSync?
Such a nuisance
ActiveSync on the phone reports "The server could not be reached. Please verify the server name." Support code: 0x80072EE7
It reports back with this no matter how I enter the address (which again, works fine in IE). Devil phone
8888 is definetly not standard for publishing ActiveSync.
the software will connect to either MailServer:80 if the SSL checkbox is cleared or MailServer:443 if the checkbox is checked.
don't think you'll get ActiveSync connect to something else.
Why don't you change your port back to 80?
you are already exposing your server to internet without any form of protection (no SSL so your password can be sniffed over the network) and having port 8888 buys you nothing in terms of security since any port scanner will report the port as opened and eventually get the HTTP banner from the IIS Server.
So, get back to a standard config and you'll love your DASH again.
UM
hey guys,
am desperately trying to fix my home based exchange server. it's been running fine with 100% uptime since last december. about a week back i was twiddling with some settings in windows and completely destroyed it.
i lost my backup of the entier machine too (it's pretty much a dedicated box for exchange). hence did a rebuild.
however now i'm just not getting it to start up. symptoms:
- OWA (outlook web access) worked. both secure and insecure modes. works on my pc.
- does not work on my PDA - OWA works but no activesync
- disabled ssh and followed the instructions here
- the phone now gives error support code 85010004 "your account in microsoft exchange server does not have permission to synchronise with your current settings. contact your exchange server administrator."
kind of annoying!
- form based authentication is enabled
- basic authentication and integrated windows authentication are ON
- same error whether or not i require SSL.
any tips?
I occasionally get the exact same error message when I sync with my company's exchange server, I have to do a soft reset on the phone and then it works fine. No idea how to fix it so bump
we had quite a few issues originally and think this is one of them i think.
Most revolved around having a recognised accessible dns address that allowed a direct link.
never got ssl to work.
the other issue was getting appropriate certificates that were private to be issued when creating the sync partnership.
can u sync internally using exchange server via a cradled activesync?
get this 2 work first, then look to external push.
I ended up paying it engineers to get it to work over an sbs 2003 box as it was all to much.
but dns addresses being made public, that were also accessible internally (reverse lookup i think) along with no ssl and certificates being correct were our main hurdles.
issue fixed i'm all live! after all that effort i really feel i should open this up to those who don't want to spend days fixing it up...
check http://forum.xda-developers.com/showthread.php?t=346022. currently looking for testers for 1-2 days before i make a subscription based service!
I need some help with a Exchange problem on my windows phone 7.
I will like to sync the mail and calendar with the exchange server at my work place, but it is a local server and there is no wifi. I have therefore connected the phone with USB to my desktop computer (with Zune).
If I connect to the exchange server in internet explorer (on the phone) is there no problems, but I can not get it to connect in "email & accounts". I have installed the certificate on the phone and there is no warning before open logon in internet explorer (h t t p s : //[workserver].local/Exchange/ )
When I try to sync I get this error:
Not updated
There's a problem with
[workserver].local. Try again later.
Last tried 2 seconds ago
Error code: 85010014
If I try with out the USB cable in the phone I get this (expected) error message:
Not updated
Make sure the server info in this account's settings is correct, and that you have a data connection.
Last tried 2 seconds ago
Error code: 80072EE7
If I go in to settings and change my password to something wrong I get a:
Outlook account info is incorrect.
I can then type in my correct password and get the same error code 85010014.
Do some one know the right way to connect to a local Exchange server from Windows Phone 7 over USB and Zune?
Exchange does not sync with phones via USB. Never has, and never will. Dunno if this thread is a joke and we're being trolled, or if it's serious...
You sync over ActiveSync, and that should be easy enough to set up if you know what you're doing.
It should work. When you're connected via USB the phone uses your computer's network connection. Are you sure ActiveSync is enabled on the Exchange server and for your account?
I am serious.
I have tryed to test Outlook Mobile Access (OMA) on both my work desktop and mobile by connecction to: h t t p : //[workserver].local/oma/ )
In both the PC and mobile do I get a login screen an then this error:
A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.
Is it only posible to sync a WP7 with exchange server is OMA if enabled on the server, or is there anothor way?
My company do not have license to OMA on there Exchange 2003 server.
MortenRJ said:
Is it only posible to sync a WP7 with exchange server is OMA if enabled on the server, or is there anothor way?
My company do not have license to OMA on there Exchange 2003 server.
Click to expand...
Click to collapse
I don't believe there is any license. You just need Exchange 2003 SP1 and ActiveSync is included. SP2 came out six years ago, so I'd hope that's installed already.