Hello,
Been using Black v1.2 for a few days, was holding out for version 2 before asking for help but this doesn't help me - excellent rom btw.
Our Exchange server is using self signed certificates, which have expired. I have been working on our Tech support to have this renewed but not holding my breath for this to be done anytime soon.
In WM5 there was a registry hack (added a DWORD of value 0 called secure to the partnership key) which forced activesync to ignore the above problem, however this doesnt work in WM6, does anyone have a solution to this?
I did try searching first but could see a solution.
Cheers,
James
Your tech support guys must be useless. Self signed certs, well so do I. But it only takes a couple of mins to re-issue and install.
Try running without SSL. This would work better, anyway.
If all of the certs have expired, they should be getting many problems with people failing to connect on their phones and any Outlook client using HTTP over RPC (now called Outlook Anywhere).
I don't agree
Self signed certs should be ok. Get a CER version and load it to the handheld. Previous versions of WM would take a program called CERTCHK.EXE and bypass the trusted root authority check. You can also install the root cert of your local CA, if you can have your admins deliver that.
Running without SSL transmits your password in the clear. NOT A GOOD IDEA, last I checked.
jeffreycentex said:
Try running without SSL. This would work better, anyway.
If all of the certs have expired, they should be getting many problems with people failing to connect on their phones and any Outlook client using HTTP over RPC (now called Outlook Anywhere).
Click to expand...
Click to collapse
Cheers for the Replies,
I had a go at extracting the root/intermediate certificate using sslchainsaver, and then installing them onto the device but I still get the same problem...
http://blogs.msdn.com/windowsmobile/archive/2006/08/11/sslchainsaver.aspx
Plus our server won’t allow none ssl traffic (a bit cheeky of them having no valid cert ), just looks like am stuck waiting for them to update the certificate...
btw for your information, this was the hack to force WM5 not to check the certificate.
http://winzenz.blogspot.com/2006/03/hacking-your-windows-mobile-50.html
Thanks again
James
I fixed mine the old fashioned way
James,
You may want to try this. Once I loaded Black 2.0, the cert said "expired". I went into WMDC, deleted the previous partnership, logged into Outlook. Connected the device, set up partnership, then let it sync.
It must have installed the cert, because ASync is working perfectly again.
Give that a go and see if it works.
Regards,
Steve
brownjl said:
Cheers for the Replies,
I had a go at extracting the root/intermediate certificate using sslchainsaver, and then installing them onto the device but I still get the same problem...
http://blogs.msdn.com/windowsmobile/archive/2006/08/11/sslchainsaver.aspx
Plus our server won’t allow none ssl traffic (a bit cheeky of them having no valid cert ), just looks like am stuck waiting for them to update the certificate...
btw for your information, this was the hack to force WM5 not to check the certificate.
http://winzenz.blogspot.com/2006/03/hacking-your-windows-mobile-50.html
Thanks again
James
Click to expand...
Click to collapse
silverfox0214 said:
James,
You may want to try this. Once I loaded Black 2.0, the cert said "expired". I went into WMDC, deleted the previous partnership, logged into Outlook. Connected the device, set up partnership, then let it sync.
It must have installed the cert, because ASync is working perfectly again.
Give that a go and see if it works.
Regards,
Steve
Click to expand...
Click to collapse
You Got my hopes up then
I gave that a go, deleted the partnership on the device. This time I used WMDC to set up the partnership, which did state that the Certificate could not be verified but gave me an option to use it anyway. But still the same result - I get erorr 0x80072F17 when trying to sync wirelessly.
Cheers,
James
Problem with Push Outlook eMail on Cingular
I have the same issue on this thread. I deleted all the partnerships and restarted several times but keep getting an error code0x85030027
MS Exchange Server requires a personal certificate to log on ....
Anyone has a fix to this issue ?
Thanks
Zimriman
Cingy Black 2.5
I am currently using WM6 and am trying to get EMail through our Exchange server setup; however, my Dash s620 will not properly save the server's address.
The address for our OWA is (ex) mail.email.com:8888/exchange
and this address works fine in Internet Explorer etc, but when I enter this into the phone it removes the /exchange and only saves up to :8888, which then gives me "Error synchronizing" when trying to connect. Our Exchange server does have Exchange ActiveSync enabled along with Direct Push enabled.
Any ideas?
Thanks in advance
I think that you have to check your ActiveSync settings on Exchange. I know that Microsoft have a lot of KB's about that.
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
jt76542 said:
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
Click to expand...
Click to collapse
Yeah I've tried every which way I could think of for the login credentials.
I'll sift through some more MS articles tomorrow afternoon, see if I can't find anything... baffled though, really.
K this is going to be a huge PITA I can tell.
I adjusted the Virtual Directory for the default web site in Exchange System manager to point directly to /exchange, eliminating the need for anything after the :8888. It works fine in IE etc, quickly brings up a login prompt. Using the phone's IE and going to the http://mail.email.com:8888 works fine, prompts a login accordingly...
I configured a coworkers Blackberry to use our OWA and it works fine, but I'm not sure if it uses Push Email (Exchange ActiveSync).
What is it about the Dash that won't mesh? The server is not using SSL so I couldn't see it being a certificate issue (maybe it still is?). Is there anyone around who manages an Exchange Server and could perhaps shed some light on common settings that need to be adjusted for Exchange ActiveSync?
Such a nuisance
ActiveSync on the phone reports "The server could not be reached. Please verify the server name." Support code: 0x80072EE7
It reports back with this no matter how I enter the address (which again, works fine in IE). Devil phone
8888 is definetly not standard for publishing ActiveSync.
the software will connect to either MailServer:80 if the SSL checkbox is cleared or MailServer:443 if the checkbox is checked.
don't think you'll get ActiveSync connect to something else.
Why don't you change your port back to 80?
you are already exposing your server to internet without any form of protection (no SSL so your password can be sniffed over the network) and having port 8888 buys you nothing in terms of security since any port scanner will report the port as opened and eventually get the HTTP banner from the IIS Server.
So, get back to a standard config and you'll love your DASH again.
UM
Hi,
My touch is used for work.
Everytime I do an upgrade that requires a hard reset, I have to wait until our IT person comes to the office once a week to get my emails setup again.
They will not give me the password as it's the exchange server password I guess.
Anyway to do a backup that will keep the setup/password for after I do the update so I don't have to wait until the guy is in the office?
Thanks.
LIP
Hmm. I have an exchange server at my home (I'm an MCSE/MCT). I don't have this problem.
I don't understand why he won't give you the password. That password should be unique to you. Personally, I don't know any of my client's passwords and I don't want to. Any administrator who knows their client's passwords has set themselves up for a legal mess.
Anyways. Are you connecting through a VPN?
Hi,
I don't understand this either to be honest but I'm not an expert with exchange (I know nothing about it to be honest).
He needed my password as well so I'm not sure what other password he is on about.
We use VPN but I don't know how this works with windows mobile devices.
Thanks.
LIP
There is not a server specific password with exchange, unless for some reason he has isolated exchange on it's own AD Structure and manually creates usersnames in that domain for your email. I've seen IT guys do weird things, so I never put anything to chance.
Here is something you can do before an upgrade.
Go into activesync, then menu->configure server.
Write down all the options and configured settings.
And pay close attention to the username\domain field in the second screen. If that is the same as what you sign in with at work, then there is not another password.
The only problem I see you running into if it is the same password you normally use, is maybe he did not use a trusted CA for the server's certificate.
If that is the case, you will get the yellow exclamation error saying there is a problem with the server's certificate.
Easy fix for that, go to the server's address on your laptop/desktop, and save the certificate to a file. Then import it on your phone and you should be good to go.
Now in regards to the VPN... You normally do not see a vpn in use unless they allow you to access the resources on the domain from your phone. (Sharepoint, and exch2007 shared folder access for example)
If they are, you would have some additional vpn software installed or are using the built in vpn configuration.
That would be under Start->Settings->Connections. Under "My Work Network" tap "Manage existing connections". At the bottom, tap VPN.
If you see something in here you are using a vpn. If you don't, you probably are not, unless you see some vpn client installed in your programs.
Hope this gives you enough info to give it a try yourself after the next upgrade.
Good luck, and best wishes.
Is anyone else having trouble with configuring the Exchange Server e-mail to work on the Tilt 2 Phone? I know that I've entered the right settings for the server name, domain, etc. Unfortunately, though, I keep getting an error message saying "error synchronizing." When configuring via Active Sync, the specific support code that I'm getting is 0x80072EE7. I've tried everything else that I know how to do. Is there anything that I'm missing? Has anyone else had this problem and figured it out? Thanks for the help.
The only thing that I can suggest is to check the user name that you are entering. In mine it asks for the user name but it really wants the whole email address again. Good luck, I hope that helps.
Exchange Server Problems...
thedon0369 said:
The only thing that I can suggest is to check the user name that you are entering. In mine it asks for the user name but it really wants the whole email address again. Good luck, I hope that helps.
Click to expand...
Click to collapse
Thanks a lot for the reply. I did go ahead and try as you suggested. Unfortunately, it doesn't seem to be working. I tried several variations of what you suggested, but still nothing worked... frustrating!
Exchange Server Problems
AT&T is saying that I need to pay for a different data plan - more money, of course - for me to be able to access the Exchange Server. I guess the 40 dollars that I pay each month for data and text messaging isn't enough. They said that I'd need to pay them another 15 dollars, or so, a month for me to access Exchange Server e-mail. I guess it's different from accessing regular POP3 or IMAP e-mail. Does this sound right? Would I need to pay additional money, beyond the full data package that I already pay for, in order to access Exchange e-mail? There has to be another way, right?
No other way around it that I know of. You need an Enterprise data plan to hit an Exchange Server. The extra charge is probably due to the extra data useage of being constantly connected to the Exchange Server. I'm not saying the extra charge is justified. An unlimited data plan should be unlimited. But we all know AT&T has a different definition of "unlimited". It's just the way the great Death Star operates.
PiSigma said:
No other way around it that I know of. You need an Enterprise data plan to hit an Exchange Server. The extra charge is probably due to the extra data useage of being constantly connected to the Exchange Server. I'm not saying the extra charge is justified. An unlimited data plan should be unlimited. But we all know AT&T has a different definition of "unlimited". It's just the way the great Death Star operates.
Click to expand...
Click to collapse
That's what I feared... Thanks for your time and assistance with this. I appreciate it. (I won't be paying them anymore money, though! I'll just have to deal with it...)
Weird...both my wife and I have the $30/month data plan and it lets us download from Exchange.
Try configuring the server via the Activesync. My company's email address and username (login name for your corporate network) are not the same and I don't think it prompts you during initial setup. If your company has a similar infrastructure as mine, be sure to enter your email address where it asks for that, and your network login username (not your email address) when it asks for the login credentials.
Edit: A quick Bing search came up with this: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22027911.html
Scroll all the way to the bottom of the page to see what the resolution is for that exact error code. Basically, it boils down to your SSL/encryption settings on your phone not matching what's required by Exchange. It has nothing to do with sending AT&T more money.
e_dogg said:
Scroll all the way to the bottom of the page to see what the resolution is for that exact error code. Basically, it boils down to your SSL/encryption settings on your phone not matching what's required by Exchange. It has nothing to do with sending AT&T more money.
Click to expand...
Click to collapse
I'm also getting Exchange mail on the $30 a month data plan.
That's a good suggestion on the SSL settings--try either checking or unchecking that box during the setup.
One thing to try is hook up your phone to WiFi to see if that stops the error, then you know its AT&T thats stopping your Exchange from working. Otherwise you know its another error.
DD7374 said:
AT&T is saying that I need to pay for a different data plan - more money, of course - for me to be able to access the Exchange Server. I guess the 40 dollars that I pay each month for data and text messaging isn't enough. They said that I'd need to pay them another 15 dollars, or so, a month for me to access Exchange Server e-mail. I guess it's different from accessing regular POP3 or IMAP e-mail. Does this sound right? Would I need to pay additional money, beyond the full data package that I already pay for, in order to access Exchange e-mail? There has to be another way, right?
Click to expand...
Click to collapse
Exchange Server ActiveSync operates 100% over HTTP over SSL. If you can go to websites that are prefixed with "https://" then you can access Exchange Server ActiveSync provided you are configured correctly.
The first thing that I would suggest doing, is verifying that the web services for the Exchange you're trying to connect to are properly configured, by visiting the following URL:
https://[DNS host of your Exchange]/Microsoft-Server-ActiveSync/
If you're prompted to enter credentials, enter them:
[DOMAIN]\[username]
[password]
And see if you get an HTTP 501. If you do get this HTTP Status Code, it means that Exchange Server ActiveSync is properly configured on the Exchange end. If you do not get this status code, or do not get prompted for credentials, it means that either the Exchange server is not [properly] configured for Exchange Server ActiveSync, or that, that service is not properly published to the internet.
If you are warned about an untrusted certificate, this could be your problem. You will need to obtain a copy of the root certification authority which signed the SSL certificate for the Exchange, and install it on your phone.
Then, try going to this address on your phone. You should experience the same behaviour. This means that either:
A. You are setting up your phone wrong.
B. Your e-mail account has been blocked from using ActiveSync by an Exchange administrator.
If you cannot go to this address on your phone, try going to another site that is HTTPS, and see if that succeeds.
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
I don't know what version of Exchange you're thinking of, but I'm running Exchange Server 2007, and "OMA" is not a virtual directory on my CAS.
PiSigma said:
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
Click to expand...
Click to collapse
How are they going to catch you? Crack open that SSL tunnel and examine your traffic?
I think they have better things to do.
Just thought I'd mention that I've gotten my Exchange Server to work. Thank you to everyone who's given suggestions to me in order to resolve my problem. It's nice to know that everyone here is so helpful. Thanks again.
PiSigma said:
Just a follow up to my earlier post - I spoke with three different AT&T CS reps today, including one from the Wireless Data Group, and they all told me you would be violating your ToS if you access an Exchange Server with a PDA Personal plan. So, while this may not be the technical cause of your problems, it could be an issue if you get caught. Sort of like those of us who tether without a tethering plan.
Just FYI......
Click to expand...
Click to collapse
Thanks for the tips... I appreciate all your time.
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
I got it! Thanks for your help.
Spike15 said:
Exchange Server ActiveSync operates 100% over HTTP over SSL. If you can go to websites that are prefixed with "https://" then you can access Exchange Server ActiveSync provided you are configured correctly.
The first thing that I would suggest doing, is verifying that the web services for the Exchange you're trying to connect to are properly configured, by visiting the following URL:
https://[DNS host of your Exchange]/Microsoft-Server-ActiveSync/
If you're prompted to enter credentials, enter them:
[DOMAIN]\[username]
[password]
And see if you get an HTTP 501. If you do get this HTTP Status Code, it means that Exchange Server ActiveSync is properly configured on the Exchange end. If you do not get this status code, or do not get prompted for credentials, it means that either the Exchange server is not [properly] configured for Exchange Server ActiveSync, or that, that service is not properly published to the internet.
If you are warned about an untrusted certificate, this could be your problem. You will need to obtain a copy of the root certification authority which signed the SSL certificate for the Exchange, and install it on your phone.
Then, try going to this address on your phone. You should experience the same behaviour. This means that either:
A. You are setting up your phone wrong.
B. Your e-mail account has been blocked from using ActiveSync by an Exchange administrator.
If you cannot go to this address on your phone, try going to another site that is HTTPS, and see if that succeeds.
Click to expand...
Click to collapse
I got it! Thanks for your help.
kay7 said:
I just got exchange working for myself, after coming up against what felt like a brick wall, and smacking my head against it for a few days.
First things first, check if your server is set up for it. go to https://youremailserver/oma and see what you get. You should get prompted for your username/password, then (maybe) get a warning about an unsupported device, then get a super-pared-down screen with links to inbox etc...
As a side note, this should also work from your phone's web browser (that's what that site was made for), though you'll be zooming in after every click.
If you don't get all that, or get an error message, then contact your administrator, 'cause it's not set up.
If you are the administrator, or your administrator wants to set it up but doesn't know how, let me know (by PM, I'll probably forget to look here later) and I'll send you the steps. It's server config stuff and you'd need admin privileges on the exchange server. The default settings in Exchange Server simply don't allow for OMA.
Click to expand...
Click to collapse
if you could send it to me that would be great, i'll pm you
Hi,
I had a similar problem with my TP2. Its unbranded and connected to T-Mobile UK. The phone woould not load any https sites, because the t-mobile connection settings has the 'Use proxy server' option checked. As soon as i unchecked that it sync'd to exchange perfectly.
not sure f that option is checked on yours.
Ian..
Hi all,
A strange thing it's happening to me. I just switch few day ago from android to wp7 and i cannot connect to my corporate exchange server.
With android i stay connected with no problem, but wp7 give me a lot of problems.
In a first moment, inserting all the right data in account and sync, an error advise me that the certificate is not valid... strange couse android neverask me a certificate. Anyway the IT office give me an autosign certificate that iend to my personal account on wp7 and install it. Now the error is change and i cannot sync to exchange with error code 80072F06 "Not updated... certificate problem.."
That's sound strange... in android the only message i had the first time i created the account that alert me that the remote server request to menage some information of the device.... continue or cancel. Obviously i continue, and all works great. Now in wp7 nothings works!!!
Creating the account in android i noticed i fields i selected to accept all SSL certificate. In wp7 i cannot find nothing similar.
Read on various blog i see that a problem is in exchange server configuration, not in wp7.... but however in android i had no problem.
So i ask you if exist some tweak registry key on wp7 i can manage to let accept automatically SSL certificate.
Sorry for my english.
Thank you.
Inviato dal mio EPAD usando Tapatalk
i have a similar problem too... i'm just migrating from galaxy s to focus
never had a problem with my office exchange using android
most likely a self signed certificate that has not been configured correctly, also try to get your admin to export the root cert for you not the one issued through OWA, but the one on the server.
I had the same problem. You have to install ALL certificates, including root and intermediate certificates. A good way is to mail to your windows live address and double click on the certificates.
Then everything will work without a flaw.
I dont know, why this works in Android and Iphone without installing those root certificates.
Frank
Just as a sidenote: you will have to restart your device before the certificates actually work.
ok. I'll try to install all kind of certificate the IT office can give me.
i don't now if the problem can be that the certificate has the address exchange.mybusiness.com while the external server i must set on WP7 is mail.mybusiness.com...
However on Monday i can do other try, first to launch the phone in the wall...
EDIT:
6 months have passed ...
Nothing more?
A few tweaks that will allow windows phone to accept all connections?