Related
So.. with Nexus One's Activsync integration, there was an option "accept all ssl"
With my incredible, it does not have that option (that I can see).. Therefore with a custom certificate from my company's security team, I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Thoughts? Solutions?
Please move this to appropriate forum if I'm in wrong place. Thanks in advance.
I allowed me to chose SSL. From in your Exchange Active sync do the following:
Menu -> More -> Settings -> Account Settings
Scroll down to below the password or you can close the virtual keyboard and you should see it.
Thanks for your reply..
However, that option just says "This Server requires an encrypted SSL connection"
The old version had an option to accept all SSL Certificates.
This means, a custom signature coming from a very large technology company's, very extensive IT security team, will be accepted in any way shape or form.
Alternatively, if the certificate is "not from a trusted authority", then you get the warning over and over and over and over.. whether you accept it or not.
my company is using a godaddy cert, it works fine. i tried setting it up for a client who has 07 exchange and a cert, but its not a well signed one, it wouldnt work at all. so not that it is the best solution but u could get a godaddy cert for yourself.
iamodogg said:
I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Click to expand...
Click to collapse
What is the warning? Do you know if they have their cert setup correctly?
I'm currently using the Touchdown app and using SSL. I haven't seen any warnings.
Touchdown will work fine. The certificate is obviously custom-built. We are a 60k employee company. They are not going to change the very for the limited android users.
Again, the 2.0 OS had a feature built in that allowed you to choose to accept all certificates.
Thanks for the work around/alternatives. Still hoping for a fix.
-------------------------------------
Sent via the XDA Tapatalk App
i had a clients incredible and it just wouldn't work, they were using a self sign certificate and exchange 07. i tried every setting i could, even after the software update1. yesterday i was determined to get it to work so i searched and searched. It just keep saying it couldnt authenticate. From what I found a couple things could work.
What I did:
I opened the browser and went to the company owa site. https://mail.company.org/owa, then onces there I could log in. I logged in as the user and it asked me to accept the certificate so I did. Then I was able to get into the users box. Then I added the exchange activesync account next and it work with one minor change in the domain field ( i just erased it). Form what I understand the autodiscover service on IIS needs to be running and working. Not 100% sure, but I got it to work so its worth a try.
What I tried, but didnt work:
Several sites said as long as you are connected to the network, but don't have internet then so the setup and it will continue. Then once it is setup then plug the internet back in and it will ask you to accept the cert and u just say yes. the option which you are talking about no longer looks available. Again its worth a try
Hope this helps
Yeah not sure what the OP means by "Custom Cert" as it's either a valid cert from a trusted CA or it's self signed. Nothing in between. I don't know why a company with 60K employees though would not have a valid SSL cert though...
Look at the cert properties and make sure the server name you are using on the phone matches the name on the cert exactly (if you haven't checked that already). This is the "Issued to:" field...
I am having problem to see anything in the inbox from my company's exchange server. I have the same setup with my HeroC without any issue. Does anyone have this kind of problem. I am able to sent email from the account.
Thanks
zilla1000 said:
I am having problem to see anything in the inbox from my company's exchange server. I have the same setup with my HeroC without any issue. Does anyone have this kind of problem. I am able to sent email from the account.
Thanks
Click to expand...
Click to collapse
More account info required. I have one real exchange account and 4 google accounts syncing through exchange on the email app without issue. So it's not a fundamental issue with the app.
I will say that setting up exchange between droids, HTC and samsungs can be a pain because they all want the setup info entered differently. I wish the gmail app would handle exchange accounts, it would be so nice to have one process work on all Android phones.
You are doing the manual setup. Sometimes outsourced exchange services can b funky to setup. I had one that weird.
Example:
Email was [email protected]
Sever address was west.ex145.server.net
Domain was ex145
Username was ex145\goober_newdomainname
If you do not use manual config the app assumes the server is bigco.com. I have also seen issues if you have the accept all ssl certificates checked. You would think you would want it checked in something like the example above because all the redirects an domains but checking that created issues.
Thanks for the response; I am using manual setup with the following info (using a generic name as example)
Email was [email protected]
Sever address was exchange.company.com
Domain was company
Username was company\username
There is no problem for the account setup, and I can see the inbox and the sub folders under it; however, all are empty. I can also send email from the email apps. I tried manual refresh, push, it all shows 0 mail. From the Exchange web access, I can see the mobile device sync status; but the last sync time was not updating.
Any suggestion on what else I should try.
Thanks.
delete the account on the phone, and recreate it using the correct settings, after you click save or something after configuring it, it should bring you to your email app inbox with no messages. now wait, after a few minutes it should alert you about needing additional security rights or something. it will either pop up and tell you about it, accept it, or it might just pop up a notification so you'll have to expand your notification bar menu then click the notification to accept it. your miles my vary, but that is what worked for me.
ELSE, this is the full processes I had to do (I'm the exchange admin at my work)
Open Active Directory Users and Computers, enable Advanced Features (View > Advanced Features). Go to the properties of the user you are trying to enable, go to the security tab, click Advanced, Then select Exchange Server (******\Exchange Servers) and click the checkbox for Include inheritable permission from this object’s parent.
Clear the cache for the email program on the Android phone (Settings > Applications > Manage applications > All > Email > Clear data) THIS WILL DELETE ALL E-MAIL ACCOUNTS AND EMAIL ON THE PHONE!!!!!!!!
Add the account as you usually would, it will, do a refresh and it will show no e-mails. In a few seconds you should get an alert that the program needs extra permissions, select that notification and accept it.
Also for anyone who is getting some kind of certificate error or something (i forget the exact error) after flashing a new rom, before flashing the rom wipe everything.
Thanks for all the suggestions; I was not able to get our Exchange Admin to change anything on the server side. I end up of getting "Exchange for Android" apps, and it works without any issue. I am not sure what was the issue on the stock email client. I just like to update this in case anyone else run into the same problem, at least there is a alternative (it is free with 30 day trial, kind of expensive but it works).
Depending on what version of exchange and the policies you may have received a notice to allow the exchange server to enforce policies on your phone. I missed it last time - have to swipe down and look at your notices.
zilla1000 said:
Email was [email protected]
Sever address was exchange.company.com
Domain was company
Username was company\username
Click to expand...
Click to collapse
I see one flaw in your setup right there. You're listing your domain twice. You're listing it in the domain field, and then apparently listing it again in the username field. That can cause some confusion, as it will essentially report to the server to authenticate "domain\username" against the domain you listed. Normally it's one or the other. The \ implies that anything before it is the domain.
Step by step instructions
Hello,
I posted some step by step instructions for setting up MS Exchange on your Android phone you may find helpful.
http://www.completesystemsdesign.co...d-tablet-to-ms-exchange-for-email-sync-2.html
It all depends on your work exchange. for me it was mail.[domain].com but I had to go to touchdown anyways since the stock email app wouldn't let me respond to signed messages.
Has anyone seen a fix for this. I had mine setup correctly and it was displaying incoming emails, but it was not syncing contacts back and forth so i deleted the account and set it back up. Now, i can see all email boxes, send emails, view sent emails, update calendar appts, and contacts. The only issue i am having is seeing emails in my inbox, so i know it is connecting. It just wont sync the inbox for some reason. I got the update to 2.3.6 on the GS2.
I just got my Gnex. It updated to Android 4.04. I try to set up email with my office Exchange account and it fails. The error message says "you don't have permission to sync with this server"
I'm using the same email exchange log in infromation as I have used on my Xoom. No problems there.
I tired using Touchdown and had the same results.
Any ideas?
Thanks
elcap373 said:
I just got my Gnex. It updated to Android 4.04. I try to set up email with my office Exchange account and it fails. The error message says "you don't have permission to sync with this server"
I'm using the same email exchange log in infromation as I have used on my Xoom. No problems there.
I tired using Touchdown and had the same results.
Any ideas?
Thanks
Click to expand...
Click to collapse
sounds like the server itself is rejecting your login.
maybe the company only allows one mobile device with your credentials?
i would remove exchange from your xoom and then try. if it allows you to connect then, there's your answer
I think that is unlikely.. I had a moto dinc syncing fine and upgraded to the nexus.
The dinc and zoom synced fine in parallel.. The dinc is now turned off.
elcap373 said:
I think that is unlikely.. I had a moto dinc syncing fine and upgraded to the nexus.
The dinc and zoom synced fine in parallel.. The dinc is now turned off.
Click to expand...
Click to collapse
that is the only thing I could think of.
It looks like the server is rejecting your login however.
Sent from my Galaxy Nexus
reminds me of an old girlfriend......
There's an option to trigger the security certificates or something - forgot the exact wording, but when I tapped that, I could get into my office Exchange server.
Of course, I like to keep my office things in the office so I quickly disabled the email app.
Ya, there are two dialog boxes:
User secure connection (SSL)
Accept all SSL certificates
My Xoom account shows the first checked. The second not.
Using the same configuration - I get the message that I don't have permission to sync with the server.
When I check the Accept all SSL certificates - I get the same message.
When I go through the setup on my Xoom after completing the inputs - I get the following message:
'This server requires that you allow it to remotely control some security features of your Android device. Do you want to finish setting up this account?'
Is there something about ICS 4.04 running on the Gnex that would pose a problem with this security handshake?
I'm running an ICS 4.04 Cyanogen Mod nightly on my Xoom. I had Gingerbread on my Dinc before I switched to the Gnex. The email exchange sync worked fine on the Dinc.
When I have time I may root and load a custom ROM on it and see if that makes a difference. Although I'd prefer to stay stock for a while - just to get used to the thing.
If anyone has insight into the security issues - I'd appreciate hearing it. A quick Google search of issues relating to Exchange sync shows that there are issues with the Gnex and Exchange handshake. Some people have had to encrypt their phone to get it to work?!?
Certainly this must have been worked out by someone...
Thanks for any suggestions
elcap373 said:
'This server requires that you allow it to remotely control some security features of your Android device. Do you want to finish setting up this account?'
Is there something about ICS 4.04 running on the Gnex that would pose a problem with this security handshake?
Click to expand...
Click to collapse
That's a common message to see depending on the security policies your Exchange Server administrator has established. Among other things, for example, your company probably requires the ability to do a remote wipe of your handset's email should the account be compromised, your device be reported stolen, or you quit or be fired.
Perfectly normal. My company does this as well, and it works beautifully with my Galaxy Nexus...no device encryption needed, and I'm running ICS 4.0.4 IMM76K - one Exchange Server account via the stock email client, and one GMail account via that stock app. All works beautifully.
Jon
sent from my Galaxy Nexus using XDA
Help!
I'm having issues connecting my work emails to my phone. Our IT department says that android phones don't support the necessary policies to gain access. iPhones can connect no problem. And oddly Samsung Galaxy S3 is an enterprise ready phone it also works. Seeing how the Galaxy S3 works. I assume that the Galaxy Nexus also has the capability to work if I port the email.apk from the S3?
I ask because I want native support. (i.e. calendar sync, contacts, etc...) I'm using k-9 for now just for the emails. Let me know if anyone has any ideas. Thank!!!
Can you explain more? Are you unable to reach the server? Are you sure you have the correct server address? Do you have Active Sync enabled for your account on Exchange? I sync with Exchange 2007 with no problems.
The problem is I keep getting incorrect username password errors. And when I consulted with our IT department they explained to me it wasn't because I inputted anything in wrong. It was because there are certain Microsoft Exchange security policies that android doesn't support natively.
Sent from my Galaxy Nexus using Tapatalk 2
I don't think that's correct. What's the policy they are enforcing that Android doesn't support?
What ver. of Exchange are you on?
Exact Issue I am facing too . My pl can connect via his Iphone 4 but not me... Never it gets connected.
deepayanneogi said:
Exact Issue I am facing too . My pl can connect via his Iphone 4 but not me... Never it gets connected.
Click to expand...
Click to collapse
What version of Exchange? What policy isn't supported?
2010 exchange , Cannot connect simply on giving credentials.
I've never had a problem. Enter my domain\username and password and the server URL which is different from what it defaults to and I'm good.
Edit: Looks like it might be non-provisional devices?
Issue 2.1 - Failures to provision and synchronize with Android OS
Exchange ActiveSync policies can cause provisioning and synchronization to fail when the devices are customized. Devices are not provisioned if a policy that exceeds these limitations is applied to the users of these devices. This issue is discussed in comment 9 from the following post on the Google Android forum:
http://code.google.com/p/android/issues/detail?id=9426
Edit: Maybe get them to create a new policy for you. Should only take them a second.
Another alternative would be to use an app like TouchDown, it would also provide the added bonus of seperating your e-mail from your phone. If a pin is enforced, it's enforced in touchdown, not the whole phone. a remote wipe only kills touchdown, not the whole phone.. etc.
It's a bit pricey, but very worth it.
deepayanneogi said:
2010 exchange , Cannot connect simply on giving credentials.
Click to expand...
Click to collapse
I use exchange 2010 no problem, and I just migrated a customer to exchange 2010 with a mixed iPhone/Android environment. If it's an authentication issue there are a couple of things to try:
-In the username make sure the format is DOMAIN\Username. So if your domain is ABC and your username is jsmith - it would be "ABC\jsmith" without the quotes.
-Make sure the servername is correct (i.e.: is the fqdn that can be resolved from 3G or from Wifi internally/externally - a lot of folks don't setup the correct DNS internally and mail.company.com may resolve to their website or something).
-Try checking/unchecking Use SSL, and Accept all SSL certificates. Using SSL is always best and Exchange 2010 requires it by default if I'm not mistaken, but unless you've got a trusted SSL certificate installed on the server you may have a problem...but nothing that can't be overcome by this.
-I'm assuming your user is allowed to use a mobile device since your IT person is troubleshooting.
hey guys,
new member here so can't post in the dev's section...
i am using sep 20 version of nightly CM10 JB, and am trying to set up the Exchange server for outlook web app thru my Email client. In the settings when i select use SSL and hit next, the notification pops up and says "your android devise does not support the security protocol required...". There is also a button to try to load a certificate, but the phone cannot locate the certificate in the SD root folder. Anyone else has this problem? What do i do?
Thanks for all your responses
Try doing a clean flash and wipe all caches. All my exchange accounts use SSL which is required anyway if I'm not mistaken.
That's something new I've never encountered before.
Sent from my SGH-T999 using xda app-developers app
are you running CM10 Jelly bean?
Can you export or save the exchange certificate and then email it or otherwise transfer the file to your phone so you can import it into the local certificate store?
...this is one of the reasons I use Touchdown... it works with the exchange server I run for dev purposes which uses a self signed SSL certificate without complaining too overly much. Touchdown and CM10 get along just fine.
ronin4740 said:
Can you export or save the exchange certificate and then email it or otherwise transfer the file to your phone so you can import it into the local certificate store?
...this is one of the reasons I use Touchdown... it works with the exchange server I run for dev purposes which uses a self signed SSL certificate without complaining too overly much. Touchdown and CM10 get along just fine.
Click to expand...
Click to collapse
i am using Touchdown now. It works fine. But its only trial thats free. and i hate how i have to use multiple apps to check all my email.
If there was an app that could support all accounts (POP and Exchange) it would be awesome
anyone?
mityaz07 said:
i am using Touchdown now. It works fine. But its only trial thats free. and i hate how i have to use multiple apps to check all my email.
If there was an app that could support all accounts (POP and Exchange) it would be awesome
Click to expand...
Click to collapse
I use the builtin client for POP3/IMAP accounts... It will also work with Hotmail accounts. So, I do use two clients but for me it's not the large an issue.