hey guys,
am desperately trying to fix my home based exchange server. it's been running fine with 100% uptime since last december. about a week back i was twiddling with some settings in windows and completely destroyed it.
i lost my backup of the entier machine too (it's pretty much a dedicated box for exchange). hence did a rebuild.
however now i'm just not getting it to start up. symptoms:
- OWA (outlook web access) worked. both secure and insecure modes. works on my pc.
- does not work on my PDA - OWA works but no activesync
- disabled ssh and followed the instructions here
- the phone now gives error support code 85010004 "your account in microsoft exchange server does not have permission to synchronise with your current settings. contact your exchange server administrator."
kind of annoying!
- form based authentication is enabled
- basic authentication and integrated windows authentication are ON
- same error whether or not i require SSL.
any tips?
I occasionally get the exact same error message when I sync with my company's exchange server, I have to do a soft reset on the phone and then it works fine. No idea how to fix it so bump
we had quite a few issues originally and think this is one of them i think.
Most revolved around having a recognised accessible dns address that allowed a direct link.
never got ssl to work.
the other issue was getting appropriate certificates that were private to be issued when creating the sync partnership.
can u sync internally using exchange server via a cradled activesync?
get this 2 work first, then look to external push.
I ended up paying it engineers to get it to work over an sbs 2003 box as it was all to much.
but dns addresses being made public, that were also accessible internally (reverse lookup i think) along with no ssl and certificates being correct were our main hurdles.
issue fixed i'm all live! after all that effort i really feel i should open this up to those who don't want to spend days fixing it up...
check http://forum.xda-developers.com/showthread.php?t=346022. currently looking for testers for 1-2 days before i make a subscription based service!
Is anyone else having trouble with configuring the Exchange Server e-mail to work on the Tilt 2 Phone? I know that I've entered the right settings for the server name, domain, etc. Unfortunately, though, I keep getting an error message saying "error synchronizing." When configuring via Active Sync, the specific support code that I'm getting is 0x80072EE7. I've tried everything else that I know how to do. Is there anything that I'm missing? Has anyone else had this problem and figured it out? Thanks for the help.
The only thing that I can suggest is to check the user name that you are entering. In mine it asks for the user name but it really wants the whole email address again. Good luck, I hope that helps.
Exchange Server Problems...
thedon0369 said:
The only thing that I can suggest is to check the user name that you are entering. In mine it asks for the user name but it really wants the whole email address again. Good luck, I hope that helps.
Click to expand...
Click to collapse
Thanks a lot for the reply. I did go ahead and try as you suggested. Unfortunately, it doesn't seem to be working. I tried several variations of what you suggested, but still nothing worked... frustrating!
Exchange Server Problems
AT&T is saying that I need to pay for a different data plan - more money, of course - for me to be able to access the Exchange Server. I guess the 40 dollars that I pay each month for data and text messaging isn't enough. They said that I'd need to pay them another 15 dollars, or so, a month for me to access Exchange Server e-mail. I guess it's different from accessing regular POP3 or IMAP e-mail. Does this sound right? Would I need to pay additional money, beyond the full data package that I already pay for, in order to access Exchange e-mail? There has to be another way, right?
No other way around it that I know of. You need an Enterprise data plan to hit an Exchange Server. The extra charge is probably due to the extra data useage of being constantly connected to the Exchange Server. I'm not saying the extra charge is justified. An unlimited data plan should be unlimited. But we all know AT&T has a different definition of "unlimited". It's just the way the great Death Star operates.
PiSigma said:
No other way around it that I know of. You need an Enterprise data plan to hit an Exchange Server. The extra charge is probably due to the extra data useage of being constantly connected to the Exchange Server. I'm not saying the extra charge is justified. An unlimited data plan should be unlimited. But we all know AT&T has a different definition of "unlimited". It's just the way the great Death Star operates.
Click to expand...
Click to collapse
That's what I feared... Thanks for your time and assistance with this. I appreciate it. (I won't be paying them anymore money, though! I'll just have to deal with it...)
Weird...both my wife and I have the $30/month data plan and it lets us download from Exchange.
Try configuring the server via the Activesync. My company's email address and username (login name for your corporate network) are not the same and I don't think it prompts you during initial setup. If your company has a similar infrastructure as mine, be sure to enter your email address where it asks for that, and your network login username (not your email address) when it asks for the login credentials.
Edit: A quick Bing search came up with this: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22027911.html
Scroll all the way to the bottom of the page to see what the resolution is for that exact error code. Basically, it boils down to your SSL/encryption settings on your phone not matching what's required by Exchange. It has nothing to do with sending AT&T more money.
e_dogg said:
Scroll all the way to the bottom of the page to see what the resolution is for that exact error code. Basically, it boils down to your SSL/encryption settings on your phone not matching what's required by Exchange. It has nothing to do with sending AT&T more money.
Click to expand...
Click to collapse
I'm also getting Exchange mail on the $30 a month data plan.
That's a good suggestion on the SSL settings--try either checking or unchecking that box during the setup.
One thing to try is hook up your phone to WiFi to see if that stops the error, then you know its AT&T thats stopping your Exchange from working. Otherwise you know its another error.
DD7374 said:
AT&T is saying that I need to pay for a different data plan - more money, of course - for me to be able to access the Exchange Server. I guess the 40 dollars that I pay each month for data and text messaging isn't enough. They said that I'd need to pay them another 15 dollars, or so, a month for me to access Exchange Server e-mail. I guess it's different from accessing regular POP3 or IMAP e-mail. Does this sound right? Would I need to pay additional money, beyond the full data package that I already pay for, in order to access Exchange e-mail? There has to be another way, right?
Click to expand...
Click to collapse
Exchange Server ActiveSync operates 100% over HTTP over SSL. If you can go to websites that are prefixed with "https://" then you can access Exchange Server ActiveSync provided you are configured correctly.
The first thing that I would suggest doing, is verifying that the web services for the Exchange you're trying to connect to are properly configured, by visiting the following URL:
https://[DNS host of your Exchange]/Microsoft-Server-ActiveSync/
If you're prompted to enter credentials, enter them:
[DOMAIN]\[username]
[password]
And see if you get an HTTP 501. If you do get this HTTP Status Code, it means that Exchange Server ActiveSync is properly configured on the Exchange end. If you do not get this status code, or do not get prompted for credentials, it means that either the Exchange server is not [properly] configured for Exchange Server ActiveSync, or that, that service is not properly published to the internet.
If you are warned about an untrusted certificate, this could be your problem. You will need to obtain a copy of the root certification authority which signed the SSL certificate for the Exchange, and install it on your phone.
Then, try going to this address on your phone. You should experience the same behaviour. This means that either:
A. You are setting up your phone wrong.
B. Your e-mail account has been blocked from using ActiveSync by an Exchange administrator.
If you cannot go to this address on your phone, try going to another site that is HTTPS, and see if that succeeds.
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
I don't know what version of Exchange you're thinking of, but I'm running Exchange Server 2007, and "OMA" is not a virtual directory on my CAS.
PiSigma said:
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
Click to expand...
Click to collapse
How are they going to catch you? Crack open that SSL tunnel and examine your traffic?
I think they have better things to do.
Just thought I'd mention that I've gotten my Exchange Server to work. Thank you to everyone who's given suggestions to me in order to resolve my problem. It's nice to know that everyone here is so helpful. Thanks again.
PiSigma said:
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
Click to expand...
Click to collapse
Thanks for the tips... I appreciate all your time.
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
I got it! Thanks for your help.
Spike15 said:
Exchange Server ActiveSync operates 100% over HTTP over SSL. If you can go to websites that are prefixed with "https://" then you can access Exchange Server ActiveSync provided you are configured correctly.
The first thing that I would suggest doing, is verifying that the web services for the Exchange you're trying to connect to are properly configured, by visiting the following URL:
https://[DNS host of your Exchange]/Microsoft-Server-ActiveSync/
If you're prompted to enter credentials, enter them:
[DOMAIN]\[username]
[password]
And see if you get an HTTP 501. If you do get this HTTP Status Code, it means that Exchange Server ActiveSync is properly configured on the Exchange end. If you do not get this status code, or do not get prompted for credentials, it means that either the Exchange server is not [properly] configured for Exchange Server ActiveSync, or that, that service is not properly published to the internet.
If you are warned about an untrusted certificate, this could be your problem. You will need to obtain a copy of the root certification authority which signed the SSL certificate for the Exchange, and install it on your phone.
Then, try going to this address on your phone. You should experience the same behaviour. This means that either:
A. You are setting up your phone wrong.
B. Your e-mail account has been blocked from using ActiveSync by an Exchange administrator.
If you cannot go to this address on your phone, try going to another site that is HTTPS, and see if that succeeds.
Click to expand...
Click to collapse
I got it! Thanks for your help.
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
if you could send it to me that would be great, i'll pm you
Hi,
I had a similar problem with my TP2. Its unbranded and connected to T-Mobile UK. The phone woould not load any https sites, because the t-mobile connection settings has the 'Use proxy server' option checked. As soon as i unchecked that it sync'd to exchange perfectly.
not sure f that option is checked on yours.
Ian..
So.. with Nexus One's Activsync integration, there was an option "accept all ssl"
With my incredible, it does not have that option (that I can see).. Therefore with a custom certificate from my company's security team, I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Thoughts? Solutions?
Please move this to appropriate forum if I'm in wrong place. Thanks in advance.
I allowed me to chose SSL. From in your Exchange Active sync do the following:
Menu -> More -> Settings -> Account Settings
Scroll down to below the password or you can close the virtual keyboard and you should see it.
Thanks for your reply..
However, that option just says "This Server requires an encrypted SSL connection"
The old version had an option to accept all SSL Certificates.
This means, a custom signature coming from a very large technology company's, very extensive IT security team, will be accepted in any way shape or form.
Alternatively, if the certificate is "not from a trusted authority", then you get the warning over and over and over and over.. whether you accept it or not.
my company is using a godaddy cert, it works fine. i tried setting it up for a client who has 07 exchange and a cert, but its not a well signed one, it wouldnt work at all. so not that it is the best solution but u could get a godaddy cert for yourself.
iamodogg said:
I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Click to expand...
Click to collapse
What is the warning? Do you know if they have their cert setup correctly?
I'm currently using the Touchdown app and using SSL. I haven't seen any warnings.
Touchdown will work fine. The certificate is obviously custom-built. We are a 60k employee company. They are not going to change the very for the limited android users.
Again, the 2.0 OS had a feature built in that allowed you to choose to accept all certificates.
Thanks for the work around/alternatives. Still hoping for a fix.
-------------------------------------
Sent via the XDA Tapatalk App
i had a clients incredible and it just wouldn't work, they were using a self sign certificate and exchange 07. i tried every setting i could, even after the software update1. yesterday i was determined to get it to work so i searched and searched. It just keep saying it couldnt authenticate. From what I found a couple things could work.
What I did:
I opened the browser and went to the company owa site. https://mail.company.org/owa, then onces there I could log in. I logged in as the user and it asked me to accept the certificate so I did. Then I was able to get into the users box. Then I added the exchange activesync account next and it work with one minor change in the domain field ( i just erased it). Form what I understand the autodiscover service on IIS needs to be running and working. Not 100% sure, but I got it to work so its worth a try.
What I tried, but didnt work:
Several sites said as long as you are connected to the network, but don't have internet then so the setup and it will continue. Then once it is setup then plug the internet back in and it will ask you to accept the cert and u just say yes. the option which you are talking about no longer looks available. Again its worth a try
Hope this helps
Yeah not sure what the OP means by "Custom Cert" as it's either a valid cert from a trusted CA or it's self signed. Nothing in between. I don't know why a company with 60K employees though would not have a valid SSL cert though...
Look at the cert properties and make sure the server name you are using on the phone matches the name on the cert exactly (if you haven't checked that already). This is the "Issued to:" field...
Hello,
Well, I think I should start with the basics. I Have a Sprint HTC Touch Pro 2, with WM 6.5 and a few tweaks and add ons but still with the default ROM. I could update but simply have not really had the courage to test the idea of updating the rom with one of the many possibilities out there.
Now, I also have my own domain names, one of which is my contact email for xda-developers.com. Of the two domains, we'll simply call them Domain1 and Domain2, Domain1 expired on Feb 11, due to a delay in funds to renew my registration. Given the economy i don't believe anyone should be surprised, however I have quite a few email addresses attached to this domain and thus planned and did renew my registration. For about two weeks the domain was non functioning, as Network Solutions re-routed the DNS to point to their internal "Domain Expired" page, as opposed to my actual web hosting service. This is not new, I've dealt with it before. Now, early Thursday morning, I made a payment to renew the registration. By this morning, My home PC using Thunderbird & Firefox was able to receive emails from all addresses associated with Domain1.com, and I was able to browse to this Domain for the website.
However, currently my HTC TP2, which is configured to manage all of my emails for this domain, cannot communicate with the server, and Opera still redirects me to the Network Solutions "Domain Expired" page. I believe this is due to some "DNS Cache" that still remembers the redirect DNS for Domain1.com as opposed to the actual DNS for the domain as it should be. However, I cannot simple go to a windows command prompt and clear the DNS cache as I can on XP. So, any suggestions on how to tell my phone to re-lookup the DNS address for the Domain1.com emails and website would be GREATLY appreciated. I mean, this should be a part of the INternet and if my home Desktop was able to browse to my website after i've renewed the domain registration, my phone's browser should do the same.
Thanks for the help,
Jaeden "Sifo Dyas" al'Raec Ruiner
Help!
I'm having issues connecting my work emails to my phone. Our IT department says that android phones don't support the necessary policies to gain access. iPhones can connect no problem. And oddly Samsung Galaxy S3 is an enterprise ready phone it also works. Seeing how the Galaxy S3 works. I assume that the Galaxy Nexus also has the capability to work if I port the email.apk from the S3?
I ask because I want native support. (i.e. calendar sync, contacts, etc...) I'm using k-9 for now just for the emails. Let me know if anyone has any ideas. Thank!!!
Can you explain more? Are you unable to reach the server? Are you sure you have the correct server address? Do you have Active Sync enabled for your account on Exchange? I sync with Exchange 2007 with no problems.
The problem is I keep getting incorrect username password errors. And when I consulted with our IT department they explained to me it wasn't because I inputted anything in wrong. It was because there are certain Microsoft Exchange security policies that android doesn't support natively.
Sent from my Galaxy Nexus using Tapatalk 2
I don't think that's correct. What's the policy they are enforcing that Android doesn't support?
What ver. of Exchange are you on?
Exact Issue I am facing too . My pl can connect via his Iphone 4 but not me... Never it gets connected.
deepayanneogi said:
Exact Issue I am facing too . My pl can connect via his Iphone 4 but not me... Never it gets connected.
Click to expand...
Click to collapse
What version of Exchange? What policy isn't supported?
2010 exchange , Cannot connect simply on giving credentials.
I've never had a problem. Enter my domain\username and password and the server URL which is different from what it defaults to and I'm good.
Edit: Looks like it might be non-provisional devices?
Issue 2.1 - Failures to provision and synchronize with Android OS
Exchange ActiveSync policies can cause provisioning and synchronization to fail when the devices are customized. Devices are not provisioned if a policy that exceeds these limitations is applied to the users of these devices. This issue is discussed in comment 9 from the following post on the Google Android forum:
http://code.google.com/p/android/issues/detail?id=9426
Edit: Maybe get them to create a new policy for you. Should only take them a second.
Another alternative would be to use an app like TouchDown, it would also provide the added bonus of seperating your e-mail from your phone. If a pin is enforced, it's enforced in touchdown, not the whole phone. a remote wipe only kills touchdown, not the whole phone.. etc.
It's a bit pricey, but very worth it.
deepayanneogi said:
2010 exchange , Cannot connect simply on giving credentials.
Click to expand...
Click to collapse
I use exchange 2010 no problem, and I just migrated a customer to exchange 2010 with a mixed iPhone/Android environment. If it's an authentication issue there are a couple of things to try:
-In the username make sure the format is DOMAIN\Username. So if your domain is ABC and your username is jsmith - it would be "ABC\jsmith" without the quotes.
-Make sure the servername is correct (i.e.: is the fqdn that can be resolved from 3G or from Wifi internally/externally - a lot of folks don't setup the correct DNS internally and mail.company.com may resolve to their website or something).
-Try checking/unchecking Use SSL, and Accept all SSL certificates. Using SSL is always best and Exchange 2010 requires it by default if I'm not mistaken, but unless you've got a trusted SSL certificate installed on the server you may have a problem...but nothing that can't be overcome by this.
-I'm assuming your user is allowed to use a mobile device since your IT person is troubleshooting.