vB Easy Archive - The Quintessential Guide to Exchange and Windows Mobile Connectivity

Pages: 1 2 3

The Quintessential Guide to Exchange and Windows Mobile Connectivity
(Click here to view the original thread with full colors/images)

Posted by: autigers20

check your phone date

Posted by: roffer

Is there a third party app or a quick fix/tweak for getting automatic realtime alerts on Windows Mobile 5 when a message arrives in an Inbox subfolder (using MSFP, Activesync 4.1 and Exchange 2003 SP2)!?

Trying to get rid of the remaining Blackberrys left in the office, but this issue is a point of pain for our current BB users.

Help!

Posted by: whtrbt7

So far there is no 3rd party developed WM5 inbox subfolder notification system. I've been on the lookout for the application for about 2 years now. This issue will most likely be fixed in Photon however since MS knows about the issue.

Posted by: nyvram

I am getting the frustrating generic exchange error as well. Here are the specifics:

- Our IT folks tell me mobile access is ON and we're definitely running Exchange 2003 sp2.

- We use a pretty locked-down Checkpoint firewall and I've read here & there about certain ports we need open (AED Port 3324?) but so far I haven't been able to put together a cohesive argument for our IT to open any new ports. IOW, if a special port needs to be opened, I would have to have them add it explicitly.

- I am using an MDA with new ROM (directpush enabled) version 5.1.195 (Build 14847.2.0.0)

- I have d/l & installed the cert on my phone (VeriSign/RSA Secure Server CA)

- On my PC if I go to 'https://mail.domain.com/oma' I get an error (A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.)

- On my phone I can browse to 'https://mail.domain.com/exchange' in PIE and see my mail messages without any difficulty

- If I attempt to activesync to exchange server via bluetooth while on our network, I got the following error code: 85002003.

- Our IT guys are very busy and so far aren't willing to try look through server logs to see what error is showing up on their end.

Any diagnosis based on the symptoms above? I have read through this entire thread..but realize most of the 'pre-push' info may not be appropriate to my situation. I can't help but think its something easy (maybe I'm just hoping).

Thanks and let me know if there's any other info I can provide.

Posted by: nyvram

One more piece of information; our IT department just told me they don't have a 'front end' server that talks to the 'back end' server for Exchange; its all on one integrated box.

Having said that, he rattled off something to me about requiring SSL which is why people have to type in 'https://mail.domain.com/exchange' instead of having to simply type in 'http://mail.domain.com'..and have it redirect to 'https://mail.domain.com/exchange' automatically.

Not sure what all that means, but he implied it might have something to do with why a server error is generated when attempting to to directly to 'https://mail.domain.com/oma'.

I'm not sure if this info is helpful or not..just thought I'd add it.

Posted by: nyvram

SOLVED!

Let me see if I can describe quickly the resolution. According to the IT person, he had to create a new virtual directory without SSL enabled in order for OMA email access. This then allows access to the email on the server without the full SSL connection being required.

It was pretty funny; I was in a meeting and my calendar reminder went off. I looked down to dismiss it and saw I had 5 new messages(!). I went to open my MMS directory and realized those were OUTLOOK messages...not MMS. Very cool stuff.

Now..does anyone have a quick solution for me to get rid of all the duplicated calendar entries on my phone? I had been syncing the calendar to my desktop and now that I'm hooked up to exchange...I have duplicates of 113 entries! Argh!

Posted by: tmosda

Guys, I'm going crazy over setting my ActiveSync with my corporate exchange server.

I'm getting the most famous 0x80072f0d

Here's what I did

Went to OWA website and exported the certificate from IE.
Copied the certificate to my SDA and installed it.
Cleared the server connection.
Rebooted and setup the connection again.

Still the same error.

The certificate installed on my PC says windows does not have enough information to verify this certificate

Does it mean the certificate is not acceptable by AS?

What am I doing wrong

Posted by: whtrbt7

Duplicates will need to be removed manually. I normally suggest a clean exchange activesync and just stick with Exchange activesync to avoid issues.

Regarding the certificate error, you downloaded a corrupt certificate. Try reinstalling the certificate after a clean download.

Posted by: drunkentiger56

idk where this belongs but how do i connect my kjam to the internet through wifi?

Posted by: Eagle117

We use this software to remove duplicate contacts and calendar entries when our PDAs go crazy.

http://www.mapilab.com/outlook/remove_duplicates/

Posted by: nyvram

Holy cow! $24!! I'll stick with the manual deletions...since they only occurred for the short period where I was shifting from PC-sync to Exchange sync.

Unless my office wants to buy it for me..nice tool though.

Posted by: finster869

I have several related questions dealing with the heartbeat interval and battery life.

When using direct push, what are the optimal numbers for the various heartbeat settings on exchange server and the device in order to preserve battery life?

Does increasing the time between pings increase battery life?

If so, if we change various heartbeat registry settings on the device from 480 to 1560 (keeping max at 1680), will that lengthen the time between pings thereby increasing battery life?

Does the device control the time between pings or exchange server?

Thanks.

Posted by: Eagle117

Holy Cow! You have to pay for software that saves you time!

We have issues quite often with WM2003 devices and them just loosing sync with their desktop and duplicating every contact and calendar entry so it paid for itself in no time. Especially when you have 3000 contacts to begin with.

We haven't had this problem while syncing directly with Exchange yet....

Posted by: whtrbt7

EAS should be really stable especially compared with the AS4.x to PC syncs. Software to remove duplicates sometimes have false positives which suck so I try not to use them too often. Now, I don't use it at all since everyone I support uses EAS anyways. It's just so much easier and simple. I hate the whole, connect your mobile to PC to sync anyways.

Regarding heartbeat intervals and battery life, the less often you ping, the longer the battery life. This is just common sense. The battery life you save is however nominal so if you wanted to have a faster heartbeat, you're not going to be penalized heavily for it in terms of battery life. The Exchange server is also responsible for the heartbeat signature, not the device.

Posted by: gblinckmann

Quote:

Originally Posted by whtrbt7

Regarding heartbeat intervals and battery life, the less often you ping, the longer the battery life. This is just common sense. The battery life you save is however nominal so if you wanted to have a faster heartbeat, you're not going to be penalized heavily for it in terms of battery life. The Exchange server is also responsible for the heartbeat signature, not the device.

I was thinking that I was going to be saving battery life with AUTD2 (push email) over the 10-minute scheduled syncs. Given that I have a 30 minute ping time, this seemed reasonable. I'm only getting about 6 hours of battery life during weekdays if I don't make any phone calls.

A Blackberry on my mailbox shows a virtually full battery at the end of the day.

Is AUTD2 really this bad for batteries, or am I missing something? I can't see anything being a "Blackberry killer" that doesn't even last one day on a charge, or is only usable by people who don't get a lot of email....

I'm using a Treo 700W on Verizon.

Posted by: whtrbt7

First I should say that CDMA and GSM devices are different. Direct Push from MS is designed to save battery life and get your messages quickly. PPCPEs however have pretty short battery life on the whole. The PPCPEs used to have about 2-4 hours of useful battery life including calls on GSM but now it is extended to nearly 8 hours. CDMA however uses much more power and with an EVDO connection, the battery can get zapped in nearly 4 hours if you include calls. So the question turns to why Blackberries can last for nearly a week. The answer is simple. Blackberry software can't do much and doesn't need as much processing power in order to process e-mails. You also can't edit attachments on Blackberries like you can on a PPCPE. In terms of office functionality, the PPCPE is going to own the Blackberry in terms of getting useful work done while you are away from the office. So while you may enjoy having the higher data speeds of CDMA/EVDO, you are sapping battery life by using that type of network. I would suggest getting a larger battery.

Posted by: TEXMudder

I can not get Direct Push working. I have a ROM upgraded 8125 that has direct push on it. I enabled verbose logging and get this in the log:

=-=-=-= Server Response =-=-=-
HTTP/1.1 401 Unauthorized
Date: Tue, 09 May 2006 18:47:07 GMT
Server: Apache/1.3.12 (Unix) mod_ssl/2.6.6 OpenSSL/0.9.5a MAG/6.3.1.8.0
Content-Length: 83
Content-Type: text/html
WWW-Authenticate: Basic realm="mail.company.com"
X-Powered-By: ASP.NET
Via: 1.1 alpmagr1fe13-dmz.mycingular.net
Warning: 214 MSP-PROXY TransformationApplied

Other people in my company are using DirectPush with the Treo 700w so I know it works. Any thoughts as to why this would not work with Cingular? I find it odd that there is a mention of Apache in the verbose logs, but I assume this is some sort of proxy that all cingular data is going through.

Posted by: TEXMudder

BTW, the support code I get is 80830003

Posted by: whtrbt7

@TEXMudder
On the Exchange server, launch Internet Services Manager. Right click on the Microsoft-Server-ActiveSync virtual directory and choose Properties. Select the Directory Security tab. Click the Edit button in the Secure Communications section and select the option to “Ignore client certificates.”

Posted by: ndamico

has anyone had a problem where tasks, calendar, and emails will sync but not be viewable on the device? for example i can see the activesync progress (email 0/5 for example) and will see it finish but it won't show any new emails on the device. if i have oulook open on hte local pc which is connected via exchange server service, then everything will work ok?

Posted by: gblinckmann

Quote:

Originally Posted by gblinckmann

I found what was causing the horrible battery drain! I hope this helps someone else.

I'm used to using Blackberry devices. They don't do exactly what Windows Mobile devices do. I had been keeping my Treo on and in AUTD2 mode all day when using Outlook most of the day. Every email that I responded to, every delete, every update on every calendar entry and reminder all kicked off syncs. They were happening about once a minute! I'm on a 1xRTT network out here, not EV-DO, so even with this the battery would die.

A simple solution here is a charging cradle. On a 1xRTT network, I don't get phone calls when syncing, either. So all these syncs cause my phone calls to go to voicemail. The cradle will keep syncing over the network when I'm in the office. Out of the office, battery life isn't a problem. If I'm not in Outlook managing my email, I just get syncs when new mail comes in. I can easily get 24 hours on a battery when travelling.

Posted by: TEXMudder

Quote:

Originally Posted by whtrbt7

@TEXMudder
On the Exchange server, launch Internet Services Manager. Right click on the Microsoft-Server-ActiveSync virtual directory and choose Properties. Select the Directory Security tab. Click the Edit button in the Secure Communications section and select the option to “Ignore client certificates.”

This option was already checked. On that screen that is the only thing checked.

Posted by: TEXMudder

As a test I enabled SSL and made sure the ignore option was checked and now the activesync verbose logs have no errors, but activesync shows error 80072F0D

Posted by: TEXMudder

Found out from digging through the 15 pages of this post that I needed to import our root cert. Did so and I am up and running.

Posted by: TEXMudder

How does DirectPush work with personal folders. Right now I have my email set up to go to my personsal folders and not be left on the Exchange server. It seems to be working sporadically. I was thinking maybe the messages are being pulled off the server too fast for the direct push to take place. Any thoughts? Am I forced to leave them on the server?

Posted by: whtrbt7

@TEXMudder
Glad to hear you found the answer from this thread. At least you are getting free info that is reliable. I'll be spearheading the next server/mobile device revolution in the next 5-10 years so you better be ready for these forums to become obsolete =).

Regarding Personal Folders, do you mean a separate PST file? The structure you should be using is to retain all current information on the Exchange server and then archiving to PST files backed up locally and on the Windows server. Stupid non-SQL compliant Exchange is not capable of retaining large amounts of information effectively. Direct Push requires several steps right now since Exchange and Windows Server is not efficient enough. This translates into a delay of 10-15 seconds IRL.

Posted by: TEXMudder

Bummer on leaving the mail on the server. Just not my style. I guess I'll try it and see how it goes.

Posted by: galupo

I've left my 6700 syncing for a bit and it still has made no porgress i disabled ssl

Posted by: cordth

Hello,

We are using MS to create certificates. We have been able to access the registry and make changes tha have been noted in other web-sites....
HKLM\Security\Policies\Policies\00001001 = 2 => 1 (RAPI)
HKLM\Security\Policies\Policies\00001005 = 16 => 40 (Cert)
HKLM\Security\Policies\Policies\00001017 = 128 => 144 (?).

Afterwards, we have used a couple of apps to help us install non-certifed certs. We have been unsuccessful. Any/all help would be great

Cordt

Posted by: snoopybah

Hi, I have read through most of this thread and many others to try to figure out synching my 6700 to our business Exchange server. I have installed the cert for the path used for Exchange and verified that it is the correct cert based on a post you gave around March, 06 explaining how to tell from OWA using the "click the lock" method. Anyway, I think I may know the problem but need help getting around it.

My exchange server is accessed with https://machinename.domain.com/exchange

If I simply type https://machinename.domain.com I go to our company's Sharepoint site. In activesynch I can not add the exchange suffix because it simply wipes it out when I save.

When I try to synch I get a "this certificate isn't valid" error. However, since we don't require SSL I tried it by unchecking the SSL option in activesynch and get the message "the server you are synchronizing with is not an Exchange server, or is running incompatible software "

This lead me to realize that Sharepoint is the site located at machinename.domain.com and not exchange. Is this a problem or can you give me other ideas to try?

Posted by: whtrbt7

You have the wrong FQDN that is being masked through Windows Server. What you have access to right now is the OWA portal which is why you are not accessing the Exchange server correctly. Ask your network admin about the FQDN of the Exchange server. The other option is to get the IP address of the Exchange server but if it doesn't have one, then the FQDN is going to be the only way. You don't need the OWA portal, just the FQDN of the main front-end Exchange server.

Posted by: jepjep13

Hello,

This is probably not the right place to post this but the rabbit has helped so much. I am on exchange through 1and1 and I need to send an auto reply to every email that comes in, on exchange it will only let one reply go out to each person and I can't figure any way around it. Can you provide any assistance?

Thank you,
James

Posted by: galupo

im getting a 80072F06 my friend and i have an exchange box up with self cert ssl is there any way to remove teh old one and install a new one or is there a way i can chagne the common name on the cert and if so what should the common name be if not the name of the computer?

Posted by: whtrbt7

@jepjep13
Auto reply??? Why not just use the vacation message?

@galupo
You just delete the old cert and install a new cert that matches the domain name.

Posted by: jepjep13

yes, using the "Out of Office Assistant" will only send one response to each person rather than once to each piece of mail, regardless if you get 10 emails from one person it will only send the reply message once.

Thank you,

James

Posted by: ScottW

I'm also getting the 0x85010014 trying to sync with or without SSL. I've tried the suggested fixes without success.

The mobile device is an MDA Vario (HTC Wizard) WM 5.0
The server is running SBE Server 2003 / Exchange 2003 SP2 / IIS 6.0 / ISA 2000 FP1 (OMA and OWA are both working fine)

I have a home-brew certificate on the server specifying the FQDN and a copy of this has successfully installed on the device.

I have disabled FBA on the Virtual Exchange server.

SSL is set to "not required" on the following: Exchange, Exchange-OMA, Exch-Web, Microsoft-Server-Activesync & OMA.

I have created a virtual directory for exchange (exchange-oma) and configured the registry to point to it.

Any suggestions would be much appreciated - I have a team of reps without email (we've just moved away from Blackberries) waiting for me to fix this.

Posted by: telus_guy

Me and a colleague at work both have WM2003 SE devices and our exchange server is 2003 SP2.

1. What will we miss out on by not having WM 5?
2. Will we not be able to take advantage of the 'push' capability in SP2?
3. If we cannot take advantage of the 'push' feature, will our emails have to be pulled down on a schedule rather then receiving them immediately?
4. Will we still benefit from the compression in SP 2 even though we aren't using the 'push' feature?

TG

Posted by: cordth

ScottW,

I was where you were and struggeled for almost 2 weeks (Sprint's trial period). My thoughts are that with WM5 and Sprint, the security is very tight. With that in mind, I even tried to bring my own home brew cert on the device.....it was a no go.

I finally went to Comodo and requested specifically a cert that would work with WM5.... It took going 3-4 rounds with them to finally get the correct one ( I had to IM with support and was told my "original" cert was the wrong type -- request a new one..... blah, blah, blah). Once I got the correct cert, everything worked like a charm.

On a closing note, I would go to Comodo's support IM and see if you can get away with the cheapest cert or which one will meet thw WM5 requirement. Let me know how it goes for you

Cordth

Posted by: cordth

Everyone,

We use Sprint for our connectivity. I tried almost everything on these pages.... except for buying a cert that will connect with mobile devices. It took a couple of rounds with Comodo to getting a cert. Once it was installed properly with the root cert also installed on the server... things work beautifully now.

Posted by: Eagle117

Quote:

Originally Posted by telus_guy

Me and a colleague at work both have WM2003 SE devices and our exchange server is 2003 SP2.

1. What will we miss out on by not having WM 5?
2. Will we not be able to take advantage of the 'push' capability in SP2?
3. If we cannot take advantage of the 'push' feature, will our emails have to be pulled down on a schedule rather then receiving them immediately?
4. Will we still benefit from the compression in SP 2 even though we aren't using the 'push' feature?

TG

You will be able to use a type of "push" capability, but it will have to send an SMS message to your phone to tell it to sync. So if you get a lot of new messages, calendar entries, or contacts, then you will use a lot of text messaging. You could incur some pretty amazing charges like this. You can still sync directly to the Exchange server, I recommend syncing on a schedule though, like every 15 minutes or so.

Posted by: telus_guy

Quote:

Originally Posted by Eagle117

So what your saying is I have two choices, I can use a type of 'push' that involves SMS messages or I can simply choose to do a scheduled sync which does not involve any SMS messaging.

Thanks

Posted by: tmosda

Could someone help me resolve this error

Do I need a Root certificate from my exchange server? My helpdesk is telling me that the certificate exported from IE is the root cert.. Which I disagree but I couldn't find any article/reference to exporting root certificate from exchange server...

I'd really apprericate any help/links..
Once I get this working I'll create a step-by-step tutorial and post here.

Quote:

Originally Posted by tmosda

Guys, I'm going crazy over setting my ActiveSync with my corporate exchange server.

I'm getting the most famous 0x80072f0d

Here's what I did

Went to OWA website and exported the certificate from IE.
Copied the certificate to my SDA and installed it.
Cleared the server connection.
Rebooted and setup the connection again.

Still the same error.

The certificate installed on my PC says windows does not have enough information to verify this certificate

Does it mean the certificate is not acceptable by AS?

What am I doing wrong

Posted by: whtrbt7

@jepjep13
I would suggest creating a temporary server rule to auto-reply to all incoming e-mail messages.

@Scottw
Redo the virtual directory and make sure permissions are set correctly.

@telus_guy
1. You will be missing direct push which is an HTTP push method compared to AUTD which is an SMS push method.
2. You will have AUTD instead of DirectPush
3. You can use either AUTD which can sometimes be flakey and expensive or you can use a scheduled sync.
4. Compression is active on all e-mails, contacts, and calendar since the database is compressed before transfer.

Posted by: MorningZ

Quote:

Originally Posted by whtrbt7

So far there is no 3rd party developed WM5 inbox subfolder notification system. I've been on the lookout for the application for about 2 years now. This issue will most likely be fixed in Photon however since MS knows about the issue.

Are there any alternative options to getting this working?

Like for instance, it seems from reading this topic that if I have a server-side rule setup for an email to go into a subfolder, then my phone will sync and receive the email header but *won't* notify me of a new message

So is switching off server-side rules and maybe having my office computer run rules on the client side the solution? that way all my email goes into the root inbox (meaning my phone can sync AND notify me) but will "filter" when i open up Outlook on my work desktop

Posted by: whtrbt7

It is possible to run rules on a client PC to sort and file mails when you open outlook. You do need to be careful however of people opening up your Outlook in the office/home and having the autosort go through. This however is only a workaround. I would suggest having e-mails copied to their respective folders while allowing everything to arrive in the inbox for notification purposes. If you're wondering about PC-only rules, just set your Outlook to sort mails "on this machine only". Pretty simple.

Posted by: MorningZ

Actually.. no one would log in as me here on my desktop except, well, me :-)

I just added "Play a Sound" to the rules, which turned it into client-side, driving the folders i want sent to my phone, and if Outlook is closed, which is usually the case as OE is a resource pig... all rules that i don't want to goto the 8125 are still server-side and keep that stuff off over the air syncing :-)

It's working out great....

Posted by: korval

I am having issues syncing up my Motorola Q to my exchange server.

The error I get is 0x85010004. SSL is not required on any of the VD's, so I am not using a certificate. Do I have to be? I've setup Treo700W's without SSL and a certificate on exchange activesync. I would try to install the SSL certificate but I do not know how on a smartphone, everything I've read says I won't have "permissions" on my device to install certificate.

I know whtrbt7 you said to check for permissions, but I've looked through all the relevant VD and I can't seem to find anywhere denying me access.

The strange thing is I tried to hookup my Motorola Q to a DIFFERENT exchange server that I know works (I've hooked up Pocket PC devices to it) and I get the same error on my Q.

Does Windows Smartphone handle things differently than PocketPC? I've been trying for hours to get this damn thing to work.

Posted by: telus_guy

It can be difficult and problematic to get WM devices to work with active sync and exchange, I know I had a rough time getting my bosses MDA to work. I would reccomend that you only consider using active sync with SSL, otherwise your email traffic will be travelling over the cell networks unencrypted and therefore unprotected. Microsoft has a list of certificate authoroties they reccomend so you can look at buying a certificate from them and then installing it on your exchange 2003 server. Once that is done its pretty simple to get it working. I dont have any experience with windows smartphones on the other hand.

You may want to check out this article that talks about exchange 2003 and the way in which mobile devices can connect, I don't know if it specifically talks about windows smartphones, but check it out anyway.

http://www.msexchange.org/tutorials...technology.html

TG

Posted by: korval

no when I try to sync is says "please correct your exchange server password", even though the login info is 100% correct

Posted by: telus_guy

Its possible you may have to use domainname/username for the username.

You also have to make sure you have the internal domain name correct.

Lets say your internal domain name is company.local then you have to put company.local in the domain information on your device, not just companyname.

TG

Posted by: korval

I tried domain.local, the error is:

please correct your exchange server password.
Domain\user name:
mydomain\myusername

It already has the username in the domain\user format in the error message.

Posted by: telus_guy

Then try just username without the domain.

NG

Posted by: korval

i can't configure it without a domain

Posted by: telus_guy

I mean the domain/username, just use a username.

TG

Posted by: korval

i've tried that many times

Posted by: seanj

I apologize if this has already been answered. Is there anyway I can get emails sent to my smartphone immediately after they arrive at the exchange server?

Posted by: whtrbt7

@Korval
Double check your virtual directory to see if SSL is required or one of the root directories are configured to use SSL. If you are, certs need to be installed on the device. It's also possible that the Exchange server structure isn't allowing communications to the server. Did you get this to work with any other device?

@seanj
You should be able to get DirectPush to work on the new WM5.x which will give you the e-mails as quickly as your network speed will allow.

Posted by: risenshine85

this question has to do with activesync, I am trying to use activesync with e61, at first it worked just fine, and all of a sudden, the email doesnt sync anymore

the device just says "connecting' and nothing happens. I checked the device logs and it gives http error: request timeout...

wud anybody be able to guess what could be the reason, server admin has rebooted the server, all disabled and activated activesync again....

Posted by: telus_guy

Could it have something to do with signal strength perhaps?

Have you soft reset your device?

Have you made any changes to the settings are are they as they were when it was working?

TG

Posted by: risenshine85

no, i havent made any changes to the device, it was syncing just fine and all of a sudden it just stopped. I have also soft reset my device, I even removed and installed the activesync symbian solftware... from my phone

Posted by: whtrbt7

with transport software it may be difficult to tell what's going wrong. This is especially when it comes to activesync. It's possible that there is a corrupt entry in the e-mail database which is preventing it from synchronizing correctly. You may want to turn on WiFi to synchronize to force your way through the data. The other thing you may want to consider is to check the storage space of the E61. It's possible that you could have run out of space.

Posted by: risenshine85

The error I get when I look at the logs is "HTTP Error: Request Timeout"
So, what would be the best way to do it? ask admin to recreate the whole account?

Posted by: nerlichman

I updated the Q with the certificate update and updated the Q with my exchange server's certificate. Now it authorizes, but here is my new error message:

You have an incorrect SSL certificate common name in the Host Name Field. For example, you may have entered www.tailspintoys.com when the common name on the certificate is actually www.wingtiptoys.com. Make sure the server name is entered correctly.

Support Code: 0x80072F06

Is there a way to update our exchange server with a certificate that is already properly validated on the Q. Please HELP..

Posted by: whtrbt7

@risenshine85
I would suggest recreating the account and repopulating the account with your information slowly. I would be careful with the mail information especially.

@nerlichman
Please follow the directions I posted to this thread. I have proper procedures to install the correct certificates.

Posted by: Zinfari

Ok, I've read through this thread and tried/checked everything that is mentioned.

I'm running SBS 2003 is about the only difference I see, but otherwise I'm up to date on Exchange and on the correct SP.

I have both a 700w and a Q that I'm testing with so it's obviously my setup.

1. I have run through the SBS Internet and mail wizard and selected OMA.
2. I have checked the settings in IIS against what is stated in method 2 of setting up the virtual directory (just to make sure that the sbs wizard did indeed configure it correctly).
3. Checked to make sure that the SBS wizard added the appropriate registry key

I am using a self generated key. The key was generated using the FWDM (mail.company.com).

4. I have installed the cert on both of the phones and it shows as valid in the root certificates.

5. I am able to surf to https:\\mail.company.com\oma and get a valid SSL lock. No warnings.

6. I then try activesync also using the FQDM and requiring SSL connection.

I end up with support code: 0x80072ee2.

I also tried entering the reg key for SMTPProxy as that kind of looked like it was also something that was suggested, but I couldnt' tell for sure. Restarted IIS and tried again with the same results so that key has been removed.

If I use the IP address instead of the FQDM it yells about my cert, which it should.

Any ideas what I'm missing?

Thanks,
-Zinfari

Posted by: Zinfari

I should clarify a couple things.

The Q gets support code 0x80072ee2
The 700w get support code 0x85010014

I have not updated the 700w to the new feature pack yet as I want to figure this issue out first.

Also I added back in the SMTPProxy registry value, but I don't see any difference. The codes are the same with or without the entry.

Posted by: Zinfari

another update:

Upgraded the 700w with the feature pack. No changes to error code or behavior.

Posted by: eb597

Hello

I need help please.

I previously set up 3 HP6515s to download emails via vpn and active sync which after some initial teething problems and now all working wonderfully.

Now I have a K-JAM and a QTEC which are both WM 5.0 and nether of them work. I've set them up exactly the same as the HP's. The error code I'm getting is 0X80072EE7.

They will sync when connected to my PC and they sync wirelessly but not over the mobile network. I can VPN into our network, but everything falls apart and nothing works.

Any ideas please.

Em

Posted by: eb597

Another quick question! How do I change the subnet mask on my i-mate, it is set on 255.255.255.255, which maybe why nothing works.

Posted by: whtrbt7

@Zinfari
I posted specific directions on certificate installation on this thread, please follow them. The errors that you are getting for the Q is a timeout while the 700w is server related. Most likely, you don't have the server set up correctly. See if you can check the HTTP access and then make sure that you test without SSL first before you activate SSL on all virtual directories within IIS. Basically what I'm trying to tell you is that your server setup is not done correctly so you should simplify and then add on features later including SSL and certs. I assume that this is an office based exchange server. Make sure that you install Windows Server 2003 and Exchange server 2003 correctly first before you try synchronization.

@eb597
The name resolution on the new Windows Mobile 5.x devices is failing meaning that those devices do not have access to your Exchange server via VPN. Make sure that you have VPN access via the mobile networks (ie if you are using t-mobile as your carrier, you should be using the internet3 APN for access.) Once you have the VPN tunnel set up correctly, you should have the permissions to access the exchange server. Make sure you use the FQDN while in the VPN tunnel and you should be able to get the entire system working. There is also no need to change the subnet mask because you are using a VPN tunnel via mobile networks.

Posted by: Garrisrp

If I delete an e-mail from my WM5.0 phone it will not delete from my laptop. If I delete an e-mail from the laptop, it will delete from the phone. Further, if I open an e-mail from the phone, it will show up as read on the laptop.

I synch through my company's exchange server.

For the life of me I can't figure out what to do. Any advice will be appreciated.

RPG

Posted by: Eagle117

A new e-mail or a new calendar/contact will trigger an ActiveSync to your phone. If you delete the e-mail from your phone, that does not automatically trigger a new sync by itself. If you deleted the e-mail from the phone and then manually started an ActiveSync, or if you deleted it from the phone and then a new message came in, it would sync with the server again and your change would show up on your laptop.

Posted by: BradTexas

OK, maybe someone can answer this. i have been trying to figure if out for 2 weeks. Here is the situation. I have have a sprint ppc6700 and have activesync connected to a hosted (1and1) exchange server.(using pocket outlook) the email and all works flawlessly. They problem is, if i have it sync "as new items arrive", i cannot make a phone the 'first time' . the first time it dials it immediately shows "call ended". i then can redial immediately and it will work. if i set it at a 'timed interval' it works. i know you cant have voice and data at the same time, which i am not. the activesync connection is just 'idle'. Sprint tech support has tried and tried to figure it out and cant. i have downgraded to the old rom that uses SMS based syncing and it works find, its just the new rom and 'true push' that is giving me the problem.

Any help and i would be eternally grateful.

Posted by: whtrbt7

I wasn't aware that there was a ROM version for the ppc6700 that was AKU2.0+ certified was public yet. I think you need to use the older ROM until the full updated ROM is ready for public consumption. Normally a feature such as calling after synchronization is hindered in non-public released ROMs.

Posted by: Garrisrp

Thanks for the reply but these do not work. I can manually synch and the deleted e-mail from the phone never deletes from the laptop. Any other ideas?

Posted by: korval

Any way to have Exchange automatically download the full content of emails? I'm using a Motorola Q Smartphone hooked up to SBS 2003.

Every time I receive a longer email I have to click "Get the rest of this message", which then displays "message will download next time you connect and receive e-mail." Is there any way to bypass this? It seems extremely inconvenient.

Posted by: whtrbt7

@garrisp
There may be a database error in your PPCPE. I would suggest a hard reset. Normally, AES will delete from all locations if the e-mail is deleted from a single location. The beauty of the entire system is that everything is in sync all the time.

@korval
You should be able to get the entire e-mail on the Q by setting Activesync options to get the entire e-mail instead of limiting the size. Just set to all instead of headers only, 0.5kb, 1kb, or 5kb.

Posted by: eb597

Ok I'm getting fedup with this now. 3 HP6515's are set up by connecting to the internet via GPRS and then using vpn to connect to our network. They all work fine but are not windows mobile 5.0 so therefore are not push email enabled. I didn't use the vodafone mylan because I couldn't get it to work.

So new imate Kjam turns up and I set it up exactly the same as the HP. It doesn't work! So I changed from connecting to the internet to connecting to mylan. This also doesn't work, and now I can't disconnect the mylan session without turning the Kjam off.

If I connect through internet then I can connect to VPN but get an error of 0X80072EE2 when trying to use activeSync. Our ISA recognises that I'm connected via VPN but wont let me go anywhere.

If I connect through mylan then the vpn dosen't connect (although there is no error message) and I still get an error of 0X80072EE2 when trying to use ActiveSync and the ISA server doesn't think I'm connected.

Sorry if I being completely stupid but please help me because it is driving me insane

Posted by: whtrbt7

If anyone is interested, the Beta for Exchange 2007 is in the sign-up phase. Take a look here: http://www.microsoft.com/exchange/p...n/overview.mspx

Posted by: prsmith

Any help appreciated. Trying to connect my E61 to the companies MS exchange server. IP address does seem to work in the Mail for Exchange on the phone.

Posted by: whtrbt7

You need to get the FQDN from the IT manager and you also need to make sure you either need to VPN in or whether or not it's protected by something else.

Posted by: Pomosapien

Can anyone help me with my Qtek 9100 (WM5; new rom), or rather my WM5, in connecting to the internet at my home?

I've been able to connect once, today, but briefly before it went back to the "cannot connect. change settings."

I don't know if I've screwed something up or whether it could be my home router (2Wire). I haven't tried places like Starbucks yet but was wondering if it's something to do with my home router or the WM5 configs.

Any help is appreciated.

(Yes, I admit it, I'm illiterate when it comes to computers. But I really like my Qtek!)

Posted by: rblover69

my question would be I heard of people using mail2web.com as a free exhange server but when I log in and setup my web live account the only option I see to do an exchange account comes with a 5.95 price a mnth service. So I'm confused as to which service to choose using windows push in my 8125 I want to recive all my pop emails sevices directly. Any info and help on this. And purchasing this will allow me to push my pop3 accounts right.

Posted by: risenshine85

mail2web offers free exchange account. Something like username@mail2web.com

You could upgrade it to your username@yourdomain.com exchange account and that can be pruchased for 5.95 or 8.95 whichever plan you get...

but from reading your post it seems ...youjust need your pop email pushed! So, just get a free mail2web account, which you already have. Log into your control panel and use the email aggregator tab, add all the pop emails in there!

You already have an free account. Log into control panel to figure out the settings

All you need is:

Username
Pass
Domain
Exchange mailserver address

Posted by: rblover69

that sounds good but with that free account where do i get the setting to get it pushed to my 8125 with push email. When i go into my push setting it asks me for the server addresse etc so ......thats where i get lost im dying to use the push email client

Posted by: risenshine85

Log into your control panel at mail2web.com
And you should be able to see your settings there.

Don't worry its there. And you really don't need to buy a service if you are just merely looking to have your pop emails pushed. BUt I think email aggregator they have, it scans every 15 mins for email from pop clients. So, not really pop per say.

If you have email that does support IMAP and IDLE, you can have some sort of pushe mail per say.

Posted by: rblover69

yea thanks it doe work, however i do notice there is a latency issue sometimes...is that becasue of the emial client or the server delay anyway to adjust to receive imedietley or to check the speed of the emails being sent recieve . I love how my whole out look syncs wirelessly contacts tasks everything almost no reason to sync with my pc now besides installing exe files lol

Posted by: Urban Strata

Hi whtrbt7 (and others),

I don't know if your outstanding level of expertise extends into Lotus Notes connectivity, but if so, I was hoping you might be able to take a look at my post here:

http://www.howardforums.com/showpos...665&postcount=4

Thanks!

Posted by: nah2323

im trying to setup my pop/smtp mail trough outlook. i get the mail from the pop server but cannot send anything. also my MMS wont send either.. what am i doing wrong?

Posted by: ronag

Excellent thread!! its helped me get my UTStarcom 6700 somewhat setup & working.

I can sync fine (Exchage Activesync + Desktop sync) when connected with a USB cable, but when trying to sync over EV-DO, I get the following error:

0x800072EE2 The server cannot be reached, this can be caused by network conditions...blah blah blah.

Basically, it tries to sync, and displays "looking for changes" on the activesync screen on the device, then just stops and returns the above error.

I am using SSL, and have all the certificate issues worked out (those were the initial errors that would not even allow me to sync with a cable!!), and now I'm lost....the only references I can find to this error are related to Windows Update

Thanks in advance, and once again, EXCELLENT thread!

Posted by: .dll

Hey, this is connectivity, right?
Have you been able to 'suckcessfull' connect a wm5 device to a small microsoft network throu bluetooth?, if so your smarter than me! I've bearly slept for the last 5 days & when i have, its been holding a mouse in my one hand & stili in the other, my gfriend's refusing to see me & and i'm getting strange looks from the cat. Dont help me to connect help me get my live back together!

I own a I-mate K-jam(HTC Wizard) which I know(from reading every danm tutorial on the net) uses ms bt stack, which doesn't have any LAP support. There's a lot of 3rd party app's claming to work around this(resco, network browser, ect), so i guess my Q(to anyone who can awnser this) is it possible. Also using BlueSoleil usb cf card.

Posted by: whtrbt7

Alright I'm back from vacation.

@Urban Strata, I'll take a look at the thread and see what's going on.

@Ronag, thanks for the compliments and regarding your error code, it seems that you are timing out on the server somehow. Are you using a VPN or an open SSL to the Exchange server? I would highly recommend that you take a look at the server log and see your access rights.

@.dll
This thread is for Exchange server connectivity. You can't connect to a Bluetooth Network for storage via the normal profiles on the HTC Wizard. You would have to connect via WiFi instead.

Posted by: ronag

Thanks!! I've got things working better...but still not 100%

Direct Push is now working

Activesync is working (via USB)

....but I cannot send email!!

here is the error:

Your message xxxxx has not been sent, and has been moved to the drafts folder.

Certificates are not available for the following recipients or for one or more members of the following distribution lists xxxx.

I get this error regardless of who I try to send to!!

Please help.....I'm almost there....so close I can taste it...

Posted by: MrFredy

How do i go about creating a self-signed cert to install on the phone? I need help trying to get active sync to work, but i have a cert problem. So I need a third-party or a self-signed one. How do I go about the self-signed one? If third Party which one do i need to get?

Posted by: whtrbt7

@ronag
Try reinstalling the certs. I think one of your certs was corrupted or is unusable. It should work after that. Remember, you should install the cert directly from the server. The instructions are on this thread. Review and execute.

@MrFredy
Please read the thread since it contains the answers to your questions. Also there are lots of 3rd party cert providers out there but the most well known ones such as Verisign may be a little expensive. Only secure your server with a 3rd party cert if you have a wide organization that needs to be secure.

Posted by: ronag

thanks for the suggestion, but it didn't work. I tried the following:

reinstalling the certificate on my ppc over top of the existing - device reset.....nothing

deleted certificate from my ppc - device reset / then installed it - device reset....still nothing

is there anything else I can try???

Posted by: that_kid

Quote:

Originally Posted by ronag

Thanks!! I've got things working better...but still not 100%

Direct Push is now working

Activesync is working (via USB)

....but I cannot send email!!

Open activesync on the device goto the e-mail options and choose Advanced, then uncheck "encrypt all outgoing e-mail messages" that'll take care of the certificate issue.

Posted by: ronag

Quote:

Originally Posted by that_kid

Open activesync on the device goto the e-mail options and choose Advanced, then uncheck "encrypt all outgoing e-mail messages" that'll take care of the certificate issue.

Wow....that worked!!! THANKS....

now, by "unchecking" that box...what is the bad news, I'm assuming this was only a "work around" and not necessarily the ideal setup!?

Posted by: rblover69

any way to see sent messges when u send them from outlook using mail2web as a exhange server. So far when its sent , ..it gone lol also notice when sending and delayed the email get put in drafts rather then outbox. Any info on that

Posted by: that_kid

Quote:

Originally Posted by ronag

Wow....that worked!!! THANKS....

now, by "unchecking" that box...what is the bad news, I'm assuming this was only a "work around" and not necessarily the ideal setup!?

No bad news, that option is only used if you have a secure cert that you use to sign/encrypt your mail. If you are not doing any of those then you don't need to have those options checked.

Posted by: BillC

Just bought a Treo 700W and set up 2 POP3 Emails.
The first account name was left as default , the account name is POP3.
I named the second account properly.
So I would like to 'edit' the account named POP3.
I can edit all the user names, addresses etc but when I get to
the POP3 account page it will not let me edit.
I also looked for a way to Delete the entire account.
Any Ideas.
Thanks

Posted by: that_kid

There's no way to rename the account after you create it but to delete it just tap and hold on the account name on the first options page and you will be presented with a delete option.

Posted by: Ahr19

I looked through all 34 pages of this thread and didn't see my answer. I own a hp 6965 and I am trying to set it up to send/receive my AOL email.

I have the receive part working well, but it will not send. It is going through the 'GPRS Cingular' I se up and it will try to Send mail but say: "The Message(s) could not be sent. Check that you have network coverage and that your account information is correct. Then try sending again"

Anybody have any help for me??

Posted by: yak86

from what I know, aol blocks the smtp server. I tried setting up an aol account once (earlier this year) using a desktop email client and was able to send mail. anyone know if its changed? (of if I'm wrong?)

Posted by: yak86

on a separate note. I just set up an exchange account on 4smartphone. works out good in that I can sync my inbox. but my sent items seems to be out of shape. mail which I sent out all seems to sync into my folder but the dates are all messed up. instead of having the sent date, it shows the date and time which it was synced (now). however the dates of the messages on the owa server are correct as they are on my computer (mac mail). anyone know what's going on?

Thanks

Posted by: Ahr19

Quote:

Originally Posted by yak86

from what I know, aol blocks the smtp server. I tried setting up an aol account once (earlier this year) using a desktop email client and was able to send mail. anyone know if its changed? (of if I'm wrong?)

Does this mean I may be better off learning about an "exchange" account and setting that up to get my AOL email?

Posted by: whtrbt7

This thread is reserved for Microsoft Exchange use, not general e-mail. Exchange I feel is a superior e-mail and PIM system. For AOL IMAP e-mail SMTP, you need to set the port number as 587 when you first create the IMAP account. AOL is a pretty crummy way to go however so I suggest that people open up Exchange accounts to replace their existing e-mail systems.

Posted by: Ahr19

Quote:

Originally Posted by whtrbt7

This thread is reserved for Microsoft Exchange use, not general e-mail. Exchange I feel is a superior e-mail and PIM system. For AOL IMAP e-mail SMTP, you need to set the port number as 587 when you first create the IMAP account. AOL is a pretty crummy way to go however so I suggest that people open up Exchange accounts to replace their existing e-mail systems.

Can you please share with me why you feel Exhange is a superior email system to regular email? Thanks.

Posted by: whtrbt7

Exchange keeps all of your mail on a centralized server for multiple forms of access including Blackberry Enterprise Server, Goodlink, Outlook Web Access, Exchange Activesync to multiple devices including the Nokia E61, E62, Samsung I320, Motorola Q, HTC Universal, Hermes, Magician, Wizard, ATOM, ATOM Exec, etc... Basically, it allows you access to all mails, folders, contacts, calendar appointments, and tasks through multiple systems. All these features make it optimal for business and personal use. Once you start using it, you just can't stop.

Posted by: DLMobile

I have a new S200 that won't do push e-mail properly. I've set this up in the past on a KJAM and on a Cingular 2125 and it worked great. On the S200 the push-email keeps stopping. Also, it appears as if GPRS keeps disconnecting. I'm using Cingular and setup GPRS as described on the Cingular site for an 8125 (link below). I even tried StayConnected to keep the connection alive. This worked for a few hours and push-email worked. Then StayConnected started throwing errors saying it disconnected for an unknown reason. I'm beginning to wonder if I have a hardware problem (just got the S200 yesterday). I want to make sure I'm not missing anything. Anyone have any ideas?

Thanks

https://onlinecare.cingular.com/sup...ls/KB56475.html

Posted by: Jakaroe808

Quote:

Originally Posted by Wallace Lau

You will need to add your CA's root cert into the device. If I understand it correctly, the device is still not trusting your home-brew cert (since you have your own CA, and your CA obviously is not trusted by the device by default). The same problem will also occur even if you let Exchange generate its own cert (instead of using your in-house CA), because Exchange's cert won't be from a trusted root CA either.

I have to run through the same process because I am using a GoDaddy cert on my Exchange server, and although its a public cert it is a intermediate cert backed by ValiCert, which of cause was NOT part of the default trusted Certificate Authority (ala Verisign or Thawts) in the device.

Anyway, to install the cert in your device you simply need to export it from your server and run the cert in your PPC. My 9100 recognize the .cer file format and automatically imported the root cert without having to install any additional software. Anyway, assuming you know enough about Exchange and CA, here are the simplified steps.

1. Open IE and go to your OWA interface. Double click on the "lock" icon on the bottom to see the detail of your current cert, and go to "Certification Path". If more then one cert is listed on the path, write down the top item which is the root CA your server is using. It might be something like www.YourCompany.com or server.YourCompany.com depends on how you set Exchange and your CA up.

2. Go to either your exchange or GC box, open MMC (Start -> Run -> "MMC" -> Ok) and add the Certificates Snap-in (not Certificate Authority snap-in) for your "computer account" / "local computer". Alternatively you can run the MMC from your desktop and remotely open your Exchange box's computer account... but to be safe I'd terminal-service to the Exchange box and do it from there.

3. Open up the "Trusted Root Certificate Authorities" tree, and under "Certificates" look for one that is named exactly like the one you found on #1. Right click, All Task, Export and export it as a DER Encoded X.509 cert.

4. Copy the exported cert onto your iMate.

5. Open up File Explorer in your iMate, find that file, and double click to execute. It should automatically imported the cert.

6. Now try sync'ing again. Good luck.

Wallace

I know this post is from late 2005 but I just had to thank you.. I have absolutely no experience with Exchange 2003 but your post walked me right through and seconds after installing the cert emails began pouring in again.. Thanks Wallace Lau very very much.

Posted by: dekard

gah! I hate these problems.

i730 with verizon's wm5 update. imported the cert and its showing up on the handheld.

server is exchange sp2. push works perfectly on tero 700w's. the i730 under wm 2003 was just fine under this as well, aside from push not working.

updated to wm5 and I can't get the device to sync with the exchange server to save my life. here's what I've done...

cert installed on the wm5 i730. verified.
rebooted phone
accessed oma & owa fine.. no security warnings, just login info requested.
rebooted phone
tried all the above on my laptop @ the office then at home on another pc.
rebooted phone
rebooted laptop and pc
removed AS 4.2 and outlook 2007 beta. Reinstalled office 2003 and AS 4.2 just to be sure...
rebooted phone
rebooted server
accessed oma \ owa just fine.

I'm getting the 85010014 error and can't seem to beat it... I'm more than open to suggestions at this point.. PLEASE HELP!!

lol

Posted by: blackdoc

Bear with me for being somewhat of a noobie with certificates here.
I have a 4smartphone.net professional exchange account and love it,
Can I

Install a certificate to encrypt my mail on my TyTn and OWA?
How do I do so if possible?

Gracias

Posted by: jedmb

Problems with 1and1 exchange hosting:

I have had 1and1's exchange hosting since May. Over this time, I have experienced two problems.
1) I am getting a 'delay' over the last two weeks: Mail that was sent five hours ago is just showing up in my inbox, and coming in out of order of how it was sent.

How my mail is set up:
a) Multiple accounts are all forwarded to gmail, which I use as my spam scrubber.
b) Gmail then forwards on to my 1and1 exchange account, which I receive the email through on my Qtek 8500/OWA/Outlook.

How I know this problem is occurring: When I go in and look at my mail in gmail, there are usually messages sitting there which have not yet been received by 1and1. Any ideas?

2) The second problem is that I have been receiving push email sporadically at best on my smartphone (Qtek 8500). I called Cingular to have them add my IMEI # to my account, and all internet settings are working perfectly. There are times when I go an entire day without ever receiving push email on my phone! I don't know if this is a Cingular problem or a 1and1 problem.

Thank you for your help!

Posted by: autigers20

1and1 has acknowledged there being delays with their service delivering emails recently. both me and a co-worker of mine experienced this issue and have since left 1and1. their service was not worth paying for in my opinion. i've had good experience using 4smartphone's service, if you need another. also mail2web has a free service if you don't need desktop outlook sync with your exchange account.

Posted by: jedmb

In that case, I'll probably migrate over to 4smartphone.

Question: What is the best way to archive all of my folders, mail, contacts, and calendar items to import into an account with 4smartphone?

Thank you!

Posted by: autigers20

Quote:

Originally Posted by jedmb

Question: What is the best way to archive all of my folders, mail, contacts, and calendar items to import into an account with 4smartphone?

this might help: http://tech.bryandavis.net/content....=form&id=123577

Posted by: skblake

I apologize if this has already been asked. I have a user with a Treo 700w who does not want his mail deleted from Exchange when it is deleted on his Treo (similar to a BlackBerry config).

Is there a way to do this on a Treo?

TIA

Sean

Posted by: goestoeleven

Quote:

Originally Posted by jedmb

In that case, I'll probably migrate over to 4smartphone.

Question: What is the best way to archive all of my folders, mail, contacts, and calendar items to import into an account with 4smartphone?

Thank you!

Smartphone will give you instructions on how to do this after you sign up with them. I'm happy with their service

Posted by: ronag

I've got a new issue that has cropped up over the past week....

It seems like every few days my device stops syncronizing with Exchange, and the error is some certificate error, and says I need to connect it to my desktop PC to "enroll for a certificate"

Once I connect with my desktop (via USB) and input my logon credentials in Activesync it "enrolls for a certificate" and I'm good to go....for a few days.

There have been no config changes I've made since I got everything working (thanks again to all those participating in this thread), but obviously this can be a pain if I'm away from the office for an extended time, and I have this issue pop up!!

Any idea what is happening, or is there a way to lengthen the life of a certificate so I don't have to do this every few days!?

Posted by: whtrbt7

I'm back after much consulting work.

Thanks to all that participate in this thread. AKU2.3 updates are getting released and all is well with the Windows Mobile world until the next major hickup.

I'll take some time to answer some questions.

@dekard
Check your SSL settings on the server and on the phone. Certs need to be issued from the same domain as the server SSL. When in doubt, use Verisign or another 3rd party cert provider.

@jedmb
There was a few days where 1and1 had some latency issues with their servers. In fact, all exchange hosters will have these problems from time to time if their queue builds and it slows down the servers. For a while there was a blacklist issue and since 1and1 is one of the larger providers, blacklisting can be a major issue. After the issue was fixed, the e-mail and sync has been very fast.

The other issue with your setup is that you are using gmail as a spam scrubber. With a 1and1 account, there are spam protection abilities that you can set. Just refer to your 1and1 faq section to learn how to apply spam filters. By forwarding from account to account, you are creating a loop which would slow down mails. There is however a bad side effect of spam control which is that your mail can get stored in the IMAP trash or bulk folder which needs to be retrieved separately.

Finally, the HTC Star100 does in fact support AKU2.2 DirectPush if it has been upgraded. The feature would be missing if you had one of the earlier units on the market which did not have DirectPush. It may also be caused by a firmware error so the best fix is a firmware flash.

@skblake
Exchange is meant to have the ability to reflect everything you do on the phone directly to the server and the rest of the computers in your network. What you are looking for is most likely a POP3 solution or to just make read e-mails invisible.

@ronag
Your exchange server may have expiring certs which expire every few days. Many companies do this for security reasons. You should be able to re-acquire the cert by accessing your account via WiFi instead of by USB. What matters most is that you have a fast internet connection to the server through an open port. Some companies issue an encryption key that you carry in your wallet that will give you an access code for the server depending on the time and date. These are normally randomly generated 128-256 bit codes. Once you connect to the server using the access key, you should be able to resynchronize data. It's also to make sure that you don't run off with company secrets or national defense secrets

Posted by: brucedelta

Hopefully someone here can shed some light on how this works for me.
I broke the screen on my xv6600 and picked up a xv6700.
On the 6600 I synced with my work exchange server as follows:
Activsync server set to the severname (SBS2003svr is actual name).
I then set up a VPN connection which was marked somehow as my work connection. So the VPN went to the public address (ie: company.com) and when my activsync did its thing the phone dialed the cellular connection and then the VPN, after which it logged into the exchange server.
Now with the 6700 I can not figure out how to make it dial the VPN. The concept of a work connection seems to be missing.

I even looked at my coworkers samsung i730 for reference, but his is set up the same as I remember the 6600 being set up.

Any help on this would be appreciated.
My server also supports outlook webmail, so I tried to go directly to that, but I am not sure if the router is passing the correct traffic or if it will work, so the VPN is preferable. For webmail I use a address of company.com/exchange:9163 (an arbitrary port). I have tried to activsync to company.com:9163 but that does not work either.

Posted by: ReDRoVeR

Im looking for some advice.

I own a cingular 8125 phone.
I am currently using mail2web free service. The emails get pushed from my forwarded pop3 Id say within 60 seconds to my phone! Fabulous! Very happy about that. But their pro plan is 12 per month.

I want full functionality of exchange. meaning sync of calendar contacts etc etc. with my desktop outlook and my 8125 and the exchange server.

I am trying the 4smartphone.net pro plan. It seems that emails dont get pushed to my device using the same forwarding method as the mail2web for 30 minutes. also people receive my emails from my 8125 but I dont receive replys at times. I emailed 4smartphone.net and they say there is nothing wrong.

I dont understand how the mail2web works great and the 4smartphone.net doesnt.

Anyways I was looking at the 1on1 service. They seem to be reasonably priced.

Anyone have any advice based on knowledge and experience they can share?

Thanks

Posted by: eb597

I have three HP's which up until last week worked perfectly. Now strangely they all get the error HTTP_400. There have been no changes to the devices, so can anyone tell me what changes could have been made to either Exchange 2003 or ISA 2004 to make this happen. I can then go and beat my colleague with a big stick.

Thanks

Posted by: eb597

The HP's are now working fine, thanks

Posted by: ronag

Quote:

Originally Posted by whtrbt7

I'm back after much consulting work.

Thanks to all that participate in this thread. AKU2.3 updates are getting released and all is well with the Windows Mobile world until the next major hickup.

I'll take some time to answer some questions.

@ronag
Your exchange server may have expiring certs which expire every few days. Many companies do this for security reasons. You should be able to re-acquire the cert by accessing your account via WiFi instead of by USB. What matters most is that you have a fast internet connection to the server through an open port. Some companies issue an encryption key that you carry in your wallet that will give you an access code for the server depending on the time and date. These are normally randomly generated 128-256 bit codes. Once you connect to the server using the access key, you should be able to resynchronize data. It's also to make sure that you don't run off with company secrets or national defense secrets

I had a look at the certificates on our server, and they are valid for one year!! I can see in the Certificate folder all the ones I've been issued every few days (when I lose connectivity), and yet the previous one hasn't expired!! I also checked the expiry date of the certificate on the device, and it matches what was issued (valid for 1 year from the issue date)

I also tried connecting via WiFi (I'm assuming you were referring to OWA), and although I could login, and see my folder list & layout, if I tried to click on a folder, it would ask for my credentials again, and after entering them correctly, just say "access denied"....

Any other places I should be looking?? Thanks again for all your help.

Posted by: egyptegypt

Is it possible to access an Exchange server using RPC over HTTPS on a WM5 device? Using this system there isn't really any "synching" since the email messages reside on the server. I've got this working great on my laptop but can't figure out how to get it running on my iPAQ. Any advice?

Posted by: whtrbt7

access to the exchange server via WM5 device can be done via RPC over HTTPS IF you have a program to use RPC over HTTPS. RPC over HTTPS would be great for WM5 however it does use up a lot of bandwidth. You would also have to figure out a way to cache (yeah almost the same as synchronizing) the data since you don't know how quickly the server can update your info or how fast your WM5 device is able to process the information. Generally, RPC over HTTPS would be very slow on a WM5 device compared to Activesync but it would be more complete since notes and other intensive information could be synchronized over.

Posted by: egyptegypt

Do you know of such a program for RPC over HTTPS? I'm not concerned about bandwidth as I've got an unlimited data plan and I can live with slowness as long as it works.
Thanks.

Posted by: GazmanJoyce

Folks,

I've been pulling my hair out with this one for weeks now. Apologies if this problem has been raised and solved earlier (had a quick look with no joy)

We're running Small Business Server with Exchange 2003 SP2. We've got a number of new Orange SPV M3100s (HTC Hermes?) running WM5.

I've managed to setup the Exchange ActiveSync connection and use 'home-grown' certs to get the device connecting over the air to the server (and locally) and 'apparently' syncing. New items on the device are added to my exchange account but the device never downloads the exchange items (mail etc.). i.e. I can send mail from the device but not recieve, additionally once its sent it does not appear in the sent folder on the device....

From what I can see all the virtual directories are setup right and we are not using URLSCAN on the server (could block headers) ... any thoughts would be greatly appreciated... Basically the device thinks its connected and working OK but it isn't.

Couple of notes:
1. I've tried syncing with a third party hosted exchange server and it worked perfectly... i.e. theres something wrong on my server/network setup
2. We ahve 4 devices in the company and all are having the same issue - as does the MS emulator which I have tried as well.

Posted by: whtrbt7

@GazmanJoyce
Alright, it looks like you've got some major issues. It looks like Activesync is set up but it's possible that you aren't using the mail application within Exchange Activesync which would explain the lack of sent mail synchronization and the missing mails overall. The other possibility is that the Exchange server isn't handling mail accounts well. In the meantime, I would suggest backing up all the existing account information into PST files. Are contacts and calendar items arriving on the devices BTW? I would suggest recreating the user accounts in the AD and then re-importing items back into the accounts. Also to receive sent mails on the client devices, you need to go to manage folders and mark sent items to be synchronized. If the new AD doesn't work, you need to take a look at your log files. If you see sync error 5, then that means you need to contact Microsoft for a hotfix. Also please refer to http://support.microsoft.com/kb/883380/en-us to reset your virtual directories. It's possible that your existing virtual directories either have corrupted items or are not configured correctly for the AES.

Posted by: blackdoc

Has anyone had success setting up secure email on a WM5 device via Exchange Server? My results are mixed, using 4smartphone

Posted by: GazmanJoyce

Aha - I found the issue after much research....

Exchange is working fine but the Sophos PureMessage scanner on the exchange server is setup incorrectly.

See:
http://www.sophos.com/support/knowl...ticle/3186.html

Whilst the devices are now working as expected I now have a memory leak associated to the scanning - this is hopefully resolved by an upgrade of Sophos PureMessage.

Hope this helps others out with similar issues....

Posted by: exander

Wow, this is a long thread. I've skimmed but I'll admit I didn't read all of it. I'm hoping someone can point me in the right direction.

My IT guys don't know anything about setting up exchange or whatever else needs to be done to push mail to my phone.

Is there somewhere I can find a guide for them? Do they need an SSL Cert? We don't use one.

Thanks for the help.

Posted by: qmacker

exander -

I haven't read these forums in a while, but basically here's a quick guideline.

If you can use Outlook Web Access (OWA) at your company, you can PROBABLY get email with your mobile device.

If your IT guys are that clueless (and it sounds like they are), then they probably do not have your Exchange Server running Exchange Service Pack 2 (ExSP2). They need to hyave ExSP2 installed in order for the "push" service to work. However, you can still get email to/from your mobile device, even without ExSP2, but you'll need to tell your device to do a Send/Receive (check for new mail) every few minutes (say, every five minutes).

The other problem you might have though, is if the certificate on the Exchange Server is a "self-signed" certificate. I'd say it is, by the sounds of your email. In this case, your device will not "trust" the certificate. Therefore you need to get the certificate onto your device first, and then you need to install it on your device.

So, the first thing you need to do is get an "installable" version of the certificate onto your device. Here's how:

(Before anyone flames me here, I've had problems just copying the "original" cert onto the device. I've found for it to install on the device without any problems, you need to Export it first.)

1) Using Internet Explorer, go to your company's Outlook Web Access site. e.g. https://mail.mycompany.com/exchange (don't forget the "s" after http).

2) If your company's certificate is self-signed, you will be presented with a Security Alert.

3) On the Security Alert, click View Certificate.

4) Click on the Details tab.

5) On the Details tab, click the Copy to File button (on the lower right).

6) This will start the "Welcome to the Certificate Export Wizard" - click Next.

7) Choose the default format: DER encoded binary X.509 (.CER) - click Next.

8) File to Export: click "Browse" and navigate to your desktop. Give the file a name (e.g.

MyCompanyCert) - click Next.

9) Click Finish. You should now have the certificate on your desktop.

10) The next "trick" is to get the certificate onto your Pocket PC.

11) Install ActiveSync on your computer, and configure it to access your company's Exchange server.

You won't be able to get it to sync with the Exchange server right away, but that's okay, we just

want to get the "ground laid" first. Set it up and when it is done, let it try and sync. It won't

be able to, because your device does not "trust" the certificate.

12) Once ActiveSync is setup, use the "Explore" button (in ActiveSync on your computer) to browse

your device. Now, COPY the certificate we created earlier into the My Documents folder on your

device. You can copy it to any folder, but My Documents will make it easier to find later.

13) Once it's copied over, pick up your device, and find File Explorer in the Programs (on the

device's Start Menu).

14) Find the certificate in the My Documents folder, and CLICK ON IT.

15) You will be asked if you want to install/trust the certificate. Say Yes.

16) Your device should now sync with your Exchange Server.

NOTE: If your company has Exchange Service Pack 2 installed, you will know by checking the

following: Open ActiveSync on your device (Start>Programs>ActiveSync). Click "Menu" then

"Schedule." If the options to sync include "As items arrive" then your company is using ExSP2 with

Direct-Push enabled (Direct-Push is enabled by default on ExSP2).

That's it. Hope it helps!

Posted by: qmacker

Just re-reading exander's original post again, it looks like I just spent ten minutes writing instructions iin vain. I should have said:

exander - It sounds like your company does not have an Exchange server. You need an Exchange server for the push email function to work.

(That took a little less time!)

Posted by: exander

It wasn't in vain.

We have exchange with sp2. My guy says they don't SSL. Is that still ok?

Edit: I can't connect on the net to the exchange server using HTTPS. Only HTTP.

Posted by: qmacker

That sounds pretty crazy - not using SSL. I don't know why they would do that, as there are a few "tweaks" you need to do to disable it.

My guess is that your IT guys have fiddled with the Exchange server to such an extent, as to make it inoperable for mobile use. They have probably gone in and changed certain security settings in IIS to not use SSL (why, I don't know), and have checked and unchecked so many boxes, that they have messed up the whole thing. I might be wrong, but that's my hunch.

If everything was done properly, not using SSL (which isn't really doing it properly), it should simply be a matter of unchecking the "This server requires an encrypted (SSL) connection" within ActiveSync.

If that doesn't work, then they have messed something up with the Exchange server or with IIS.

Posted by: aliarman

I have a HTC Tytn s/n: 636xxxx, brand new from PhoneSource-USA, shipped two weeks ago. I had it all working with Exchange (OWA) etc, but I wasn't happy with the phone performance (1.03). so I tried RadioROMs 1.20 and 1.16 from xda-developers.com, and neither of them seem to make a difference, in fact it felt they were worse. So I decided to go back, and I downloaded and flashed the original shipping HTC ROM 1.18.255.3. After re-init, I cannot get ActiveSynch to work. Exchange server keeps asking my password. I know my login credentials are correct, because if I use the Internet Explorer, I can login to my owa.mycompany.com without any problems. If I don't enter a password during ActiveSynch setup, and enter it when Tytn is trying to access the server, it gives me certificate expiration error, which is incorrect. The cert is valid till 2008. I even exported the certificate from the web access and installed onto the Tytn, but still no cigar.. Any wild ideas to try?

Posted by: cthore

I have Exchange 2003 R2 running and have successfully used Exchange ActiveSync to sync with a Treo 650, a Treo 700P and a Motorola Q. Now have a new Treo 700WX and cannot get it to work. When we try to sync it goes a long time and then eventually fails with error 0x80072EE2. I looked up the error code and it says it is a temporary condition. But, the error comes up each time we try and it has been happening for several days. Any ideas?

Posted by: slapstix

Hey everyone, quite an incredible strain of information here, it has helped me through a lot in setting up activesync. Thanks so much!

I have one final hurdle it seems.

Activesync works properly with all my devices in my network (6700, Q, 700wx) though not on any one device do any items DELETE off of the server when they are deleted on the device.

Emails deleted on device do not sync with server.
Emails deleted on server sync with device, and are removed from inbox.

When synchronizing after deleting an item off the device, it reports synchronizing email 0/2 then follows through 2/2.

Items still remain on server.

Any help would be appreciated, and thanks in advance!

Posted by: whtrbt7

@cthore
Your error of 0x80072EE2 means that you timed out of the server. Check network traffic and also your access logs on the server. I would also check your FQDN since it may not be correct. Check all the EAS settings to be sure that everything was entered correctly.

@slapstix
If you see synchronization of 2 mail messages every time you delete something, it should be correctly deleted off the server. Do you have server backups that are preventing information deletion? Another possibility is that your EAS setup has a bug. If this is the case, uncheck mail synchronization and run EAS a few times before resynchronizing mail.

Posted by: ld555

While installing the Certificate an get the error "ALERT: Security permission was insufficient to update your device." Is there a fix?

I am using a decert i930 on Nextel.

2nd question: SERVER is server.companyname.com ** what is domain ... is it the same.

Without the CA installed ... whenever I Activesync ... it returns me back to the password field. It is like I put in the wrong Password, but I know I did not put in the wrong password.

Thank you in advance ...

Posted by: cortez

well... here's my story: i successfully setup my 750v to sync with our Exchange Server and it worekd without issue until Friday (11/10). my setup did not require me to use SSL so I had that option unchecked. now i'm getting the dreaded "security certificate on the server is invalid. Contact your Exchange Server admin to install a valid certificate on the server". i have a 3125 and a Q (both of which were setup exactly like my 750v) and i get the same message on those devices.

i suspect that something changed on our Exchange Server and it's affecting my ability to connect. i followed the suggestions to export the root security certificate from OWA and install onto my 750v. no luck, still doesn't work. fyi, the security certificate for our OWA access has two levels below the root.

here's are my questions:

1. do i need to copy all tiers of the security certificate or just the root level?
2. if Exchange ActiveSync has been disabled, would I get this message or a different message?
3. is it likely that my issue is due to a certificate change on the Exchange Server?

thanks to those who take time to answer my questions. (and thanks to all those who've contributed to this thread. although i'm a real newbie to this stuff, it's helped me better understand the WM5 security).

Posted by: telus_guy

It certainly sounds like something changed on your server, since you are getting the same message on each of your other devices. It sounds like your company has implemented an SSL certificate in which case you will have to find out from which Certificate Authority they purchased it from, some have certs you can actually download from their site right onto your device, its that simple, unfortunately in other cases its not so simple, but there is plenty of info out there on how to do it, google is your friend.

TG

Posted by: cortez

I downloaded a tool that creates/exports a cert from the mail server. I used the makcab.exe file from XP to create a cab and installed it on my phone but it didn't work... back to google (before I check with IT).

thanks for your response..

Posted by: cortez

Quote:

Originally Posted by telus_guy

It certainly sounds like something changed on your server, since you are getting the same message on each of your other devices. It sounds like your company has implemented an SSL certificate in which case you will have to find out from which Certificate Authority they purchased it from, some have certs you can actually download from their site right onto your device, its that simple, unfortunately in other cases its not so simple, but there is plenty of info out there on how to do it, google is your friend.

TG

yep, our IT group enabled SSL which rendered my original setup invalid. in addition, i copied and installed (to my devices) the root and second tier certificate using the exact certificate names as presented in OWA. after insalling on my 3125 and 750v and modifying my settings to use SSL, i am back in business. now i have to get around the friggin' security on my Q to install the certificates so it will work...

Posted by: RandyP1234

While this is my first post here I wanted to say thank you to everyone on this thread and especially whtrbt7 for the wealth of knowledge on getting the push technology to work. I was having certificate problems and after reading the entire thread (*that* took a while) I was able to solve the problem.

So thank you all!!!

One thing I want to mention. In several places I saw where it was said that if you’re going to use a self signed certificate that it *must* use a fully qualified name. Maybe I just got lucky, but since we have no public pointers to our network I generated a certificate that just uses our outside IP address and it appears to works fine. Maybe there’s a reason that this will crash and burn later but I just wanted to throw it out there for others to know.

Thanks again,

Randy

Posted by: slvrdrgn33

Does anyone have experience with the HTC 8125?

I'm new to the technology industry, fresh out of school, I've been in the business for just over a year. Working as an IT technician.

I'm trying to setup this HTC 8125 to sync with our exchange server. It had been working for a few weeks and all of a sudden it stopped syncing.

I get the following error message:

"Your account in Microsoft Exchange Server does not have permission to synchronize with your current settings. Contact your Exchange Server administrator. Support code: 0x8501004. Last synchronized: Today 7:38 AM. Last attempt: Today 12:56 PM."

We have an Exchange server running exchange 2003 SP 2 the phone will only sync wirelessly with the server. When it is connected to a PC it will not sync with the server.

I am willing to start from scratch if need be. Any help would be greatly appreciated.

Thanx

Posted by: whtrbt7

@slvrdrgn33
Someone toggled SSL all of the sudden on your server apparently. It's either that or your SSL is just not working correctly.

Start, ActiveSync, Menu, configure server

check to see if SSL is enabled. If yes, remove and if no, replace it. If your SSL is working on the server and you see this when you log into OWA, then you need to install a certificate on your device.

Posted by: ld555

Quote:

Originally Posted by ld555

While installing the Certificate an get the error "ALERT: Security permission was insufficient to update your device." Is there a fix?

I am using a decert i930 on Nextel.

2nd question: SERVER is server.companyname.com ** what is domain ... is it the same.

Without the CA installed ... whenever I Activesync ... it returns me back to the password field. It is like I put in the wrong Password, but I know I did not put in the wrong password.

Thank you in advance ...

Should there be a problem regarding Security Permission while I am installing a Certificate? I did do a MASTER reset on my phone. Is it still Decert after a MASTER reset? Do I have a certificate that is only for the PC?

Thank you for your assistance.

Posted by: stoal76

In the past I have successfully setup quite a few PPC2003 and PPC2005 iMates and have some good experience with the server and the device setup.

But recently purchased KJam's seem to have something enabled that is caching the IP address of my server after being plugged into a PC running the latest activesync.

The error reads 0x80072EE2 which is a network time out error, and only occurs after plugging into a desktop and synchronizing.

A soft reset of the KJam fixes the problem until next time the user plugs the KJam into their PC, also the synchronization when plugged into the PC works fine.

If a user never plugs the KJam into their PC it works flawlessly, I now have most users only synchronizing over GPRS at the moment.

Our setup:
-Exchange 2003 SP2 running on Windows server 2003 sp1
-internally created certificate for mail.company.co.nz
-very new KJam's running PPC2005 with the new ROM pac for AUTD over HTTP and the comms manager.
-the certificates successfully installed on the KJam's
-internal DNS entry for mail.company.co.nz pointing to 192.168.x.x
-external DNS entry for mail.company.co.nz pointing to 202.1.x.x
-No internal proxy server
-basic snapgear firewall with HTTPS enabled to the exchange server
-no VPN setup

I have seen mention on the below forum about a registry entry on the device for DNS caching but the new PPC2005 doesn't have this registry entry:
http://forums.pocketpcfaq.com/viewt...8c731f0f3e11af5

There is a registry entry regarding disablehttpsDNScache and this is enabled.

This is very frustrating as it is now affecting over 10 new KJam's at two different client sites, and I am certain it did not exist in older KJam's

Any help would be appreciated.

Posted by: slvrdrgn33

whtrbt7,

I am the server administrator, and SSL is not running on our server.

This is the first time I've had to deal with one of these phones, I usually deal with blackberries.

I've read a few of these posts, and saw a lot of people talking about installing certificates. I've never had to do this for any other phone. How do I install a certificate on the server and associate it with the phone?

Any help would be great.

Thanks

Posted by: stoal76

slvrdrgn33,

I assume you are not running SBS2003? If you were a certificate would have already been installed.

There are a few options for obtaining a server certificate, you can buy a certificate from Verisign that will just work with the Pocket PC with out having to install the certificate on the device, these certificates a very expensive but are automatically trusted by the pocket PC.

You can buy a cheap untrusted certificate from the likes www.rapidssl.com and install it on your server as well as the device.

Or finally you can install and use an internal Microsoft certificate authority here is some information about setting up an internal CA http://www.petri.co.il/install_wind...ver_2003_ca.htm
Again you will have to install it on the server and the device because it is untrusted by the Pocket PC.

The server certificate needs to be for the exact external domain name of your Exchange server, usually something like mail.companyname.com

I would suggest for the $69 a cheap certificate like rapidssl would be the easiest and quickest method but it is up to you.

Once you have the certificate you need to install it on your Exchange server within the IIS server.
Here are some instructions on installing the rapidssl certificate into IIS http://www.rapidssl.com/ssl-certifi...osoft_IIS_5.htm
Other certificates that you buy should also have similar instructions on their website.

Now you should be able to browse to https://mail.mycompany.com/exchange to test the certificate.

Finally you need to install the certificate onto the Pocket PC, someone else on this forum had some info on this so will just copy that:

1.Using Internet Explorer, go to your company's Outlook Web Access site. e.g. https://mail.mycompany.com/exchange (don't forget the "s" after http).

2.If your company's certificate is self-signed, you will be presented with a Security Alert, if the security alert doesn’t appear click on the pad lock icon in Internet explorer.

3.Click View Certificate button.

4.Click on the Details tab.

5.On the Details tab, click the Copy to File button on the lower right.

6.This will start the Welcome to the Certificate Export Wizard - click Next.

7.Choose the default format: DER encoded binary X.509 (.CER) - click Next.

8.Click Browse and navigate to your desktop. Give the file a name (e.g.MyCompanyCert) - click Next.

9.Click Finish, You should now have the certificate on your desktop.

10.The next step is to get the certificate onto your Pocket PC.

11.With ActiveSync installed on the workstation plug in the Pocket PC device.

12.Use the Explore button (in ActiveSync on your computer) to browse your device. Now, copy the certificate we created earlier into the My Documents folder on your device.

13.Once it's copied over, unplug your device from the workstation, and on the device find File Explorer in the Programs (on the device's Start Menu -> Programs).

14.Find the certificate in the My Documents folder, and click on it.

15.You will then be asked if you want to install/trust the certificate, answer Yes.

16.Your device should now be ready to sync with your Exchange Server.

17.Go into ActiveSync on the device (on the device's Start Menu -> Programs) and select Menu then Configure Server.

18.Enter in the domain name of your internally and externally resolvable Exchange server e.g. mail.companyname.com (leaving out the HTTPS) and tick the box for This server requires an encrypted (SSL) connection – click Next.

I hope this helps..

Posted by: ld555

I installed the certificate as detailed in the previous post. I receive an Error Code HTTP_401.

Why does activesync puts me back on my password, which is correct. And their are more * signs than their are letters in my password.

Tahnk you in advance.

Posted by: blackdoc

Has anyone managed to get the email certificate to work on the Treo 750 running WM5?

I have an exchange server synching OTA and had a TyTn working without a lot of problems, I am able to install the Personal, Intermediate and Root Certificates but when I create an email, if I try to sign or encrypt, I get error msg "The Message Cannot Be Signed/ or Encrypted"

What am I doing wrong? I can see all the certificates that I have installed in the respective stores on the Treo, just like on the TyTn, but the email client does not want to use them to sign, encrypt or decrypt

Posted by: MobileGonzo

Quote:

Originally Posted by blackdoc

Has anyone managed to get the email certificate to work on the Treo 750 running WM5?

I have an exchange server synching OTA and had a TyTn working without a lot of problems, I am able to install the Personal, Intermediate and Root Certificates but when I create an email, if I try to sign or encrypt, I get error msg "The Message Cannot Be Signed/ or Encrypted"

What am I doing wrong? I can see all the certificates that I have installed in the respective stores on the Treo, just like on the TyTn, but the email client does not want to use them to sign, encrypt or decrypt

The Microsoft Marketing Hype is misleading. Secure e-mail is supported, but only with a hardware based card reader. Soft certs are not supported. At TechEd last year, they showed a picture of the device. Basically a PDA with a Smart-card reader rubber-banded to the unit and interfaced through the SD slot.

Posted by: blackdoc

Quote:

Originally Posted by MobileGonzo

I copied an email certificate from the desktop onto my TyTn, it has been working flawlessly, IT IS possible, to my knowledge, the Treo 750v's certificate store is not locked, I was able to use the same method to install a Root, Intermediate and personal free email certificate from www.comodo.com
and can see all the certificates in the right place, however, when I try to encrypt or sign email, I get the error

Posted by: Islanti

Has anyone actually used S/MIME signing for email on their Windows Mobile 5 device and Exchange 2K3 SP2? I recently upgraded to a WM5 AKU3 Smartphone and one of the features I was looking forward to using was the S/MIME signatures and encryption. When I try to send a signed email the device says "The message cannot be signed because you do not have a certificate for sending signed email. Insert a smart card with the certificate."

I have selected the appropriate certificate via Activesync -> Configure Server -> Next -> Next -> (highlight E-mail) -> Settings (from menu) -> Advanced (from menu) -> Choose Certificate (from menu).

I have seen the Jacco de Leeuw page, which offers tools for importing a pfx certificate into Windows Mobile. This seems to work although WM5 doesn't provide much detail on the status of a particular certificate (such as thumbprint data or whether the private key is assocated with the certificate).

I also tried the PFX -> OpenSSL PEM method suggested on Jacco's page (under the crtimprt section). This also seems to work fine but no change.

I have a Thawte freemail certificate, which requires an intermediate certificate to be installed. I created the necessary cab file to import this. There's no way I know of to verify this, but importing the root CA the same way seemed to work fine.

I have my Thawte certificate working fine from the desktop. I have published it to the Exchange GAL via Outlook.

I'm stumped as to what else I could possibly do to enable this feature!

Posted by: blackdoc

Quote:

Originally Posted by Islanti

Has anyone actually used S/MIME signing for email on their Windows Mobile 5 device and Exchange 2K3 SP2? I recently upgraded to a WM5 AKU3 Smartphone and one of the features I was looking forward to using was the S/MIME signatures and encryption. When I try to send a signed email the device says "The message cannot be signed because you do not have a certificate for sending signed email. Insert a smart card with the certificate."

I have selected the appropriate certificate via Activesync -> Configure Server -> Next -> Next -> (highlight E-mail) -> Settings (from menu) -> Advanced (from menu) -> Choose Certificate (from menu).

I have seen the Jacco de Leeuw page, which offers tools for importing a pfx certificate into Windows Mobile. This seems to work although WM5 doesn't provide much detail on the status of a particular certificate (such as thumbprint data or whether the private key is assocated with the certificate).

I also tried the PFX -> OpenSSL PEM method suggested on Jacco's page (under the crtimprt section). This also seems to work fine but no change.

I have a Thawte freemail certificate, which requires an intermediate certificate to be installed. I created the necessary cab file to import this. There's no way I know of to verify this, but importing the root CA the same way seemed to work fine.

I have my Thawte certificate working fine from the desktop. I have published it to the Exchange GAL via Outlook.

I'm stumped as to what else I could possibly do to enable this feature!

I have used signed and encrypted emails on a QTEK 9100, HTC TyTn but struggling w the Treo 750v, I used Jacco's tool to install, I am no expert, but got it to work on the other devices, I know Smartphones are usually locked by the phone companies, you cannot add certificates yourself without more advanced tools, but many PPCs are easier, don't know why I am not gettign anywhere with the 750v so far, part of the problem is there isn't that much interest in the topic, in my line of work, due to govt regulations, I don't have a choice but to use encrypted email for some uses, if anyone suceeds, please share. I am willing to buy a new email certificate from the Verisign type CAs if needed.

Posted by: ggarrett

Just wanted to put my EAS Direct Push two-cents in and also ask a few questions. I have browsed through most of this thread and while some of the earlier posts sort of relate to my issue, they are from 2005 and so I would prefer to get some up to date information.

I have the Cingular Treo 750 and I set it up to receive email, calendar, and tasks "as items arrive" from my company's single Exchange server behind third party firewall configuration. Initially I was able to intermittently receive email, calendar, and tasks with "connection requires SSL" not checked on the device. I am an end user and do not have administrative access to our servers. I complained to IT department about the emails coming in anywhere between 2 - 30 minutes after my computer receives them and that my calendar and tasks rarely successfully sync (ill explain this later). However, the find online GAL feature worked perfect. My IT is experienced supporting Blackberries and so once they began troubleshooting my Microsoft Issues of course I was unable to receive anything at all on the device with the error that my account did not have authorization with the current configuration. After a few days without progress from IT, I decided to troubleshoot the best I can on my end and determined that they had implemented the "require SSL" policy in Exchange. I accessed Outlook Web Access from my laptop, viewed the security report and then copied all three chained certificates to .cer files using the default format (DER if I recall). I then copied these three .cer's to my device over USB and installed to root store by clicking each one in the order of top level to bottom level. I then enabled the "connection requires SSL" check box in Mobile ActiveSync and voila I was connected over-the-air again. This SSL CA solution may not work for everyone depending on how their company has setup their Exchange but considering its simplicity I think it is worth a try. Just remember that every cert in the "chain" has to be on the device.

As excited that I was to have this working again I decided to specify Mobile ActiveSync to download "all" calendar appointments, 1 month of email history for all subfolders to inbox (about 65 folders total), and to save all attachments to storage card and to do this "as items arrive". After clicking OK ActiveSync began syncing and concluded that I needed about 293 emails, 55 calendar, and 2 tasks. It zipped through all of this in a couple of minutes and when I checked to see if it worked I realized that I still have the same problem that I originally reported to IT.

The device only downloaded less that a week of history of emails, it didn’t download any calendar, or tasks. If I send a self test to my exchange account the device does not sync as the item arrives but rather some random time later. I can create an appointment on my calendar or a task on the computer (through Outlook) and it will never sync to the device. However, I have realized that if I go to OWA and view every email in the reading pane then the next random time that the device syncs it will download every email that I viewed in OWA unless they were older than 1 month. If I open a calendar event or task in OWA and click "save and close" the device will add those as soon as the next random sync occurs.

Sync has never been initiated as items arrive. If I do not use the OWA trick described above and then force a manual sync, ActiveSync on the first cycle seems to accurately determine the number of items that need to be synced but then skips through them very fast and does not download all of them. It then repeat syncs immediately following the first sync but this time always reports something like 0 of 22 emails, 0 of 2 calendars, and 0 of 1 tasks and just simply skips through them quickly. This process repeats two more times with the exact same numbers of detected changes and then activesync becomes stable until the next sync (some random number of minutes later). Every sync consists of 4 cycles of calendar, email, task synchronization.

I am determined to solve this problem since I know that Exchange ActiveSync Direct Push works well for many people. I am certain that there is probably an issue with the way our network architecture is configured. I have verified that we are running Exchange 2003 with SP2. My Exchange account is enabled for Direct Push and all Direct Push settings are enabled correctly. My guess is that it is related to one or more of the following issues:
- firewall http timeout set too low
- enterprise antivirus scan program
- method of authentication and/or port (443 vs 80)
- other unknown issues???

Has anyone here experienced similar conditions or have any tips that I may relay to my IT department?

Posted by: blackdoc

Quote:

Originally Posted by Islanti

got it to work w the help of Jacco, use PFXimport, NOT p12 for WM5 it works!!!

Posted by: Islanti

I've been talking to Jacco a bit but have been unable to get this working (still). No idea why.

Posted by: nv00021

Hey guys....great thread!!!

I just came over to a company that recently sitched to Excahnge SP2. There is a great IT guy that has been trying to help me out but has no experience with Windows Mobile devices as our company uses Blackberries and has a BES server.

He gave me the credentials and we inputed them together and evertyhing is fine when I am connected to Activesync via USB but when I try to connect via my Moto Q....I get an error message 0x80072EFD. SSL was NOT checked off (as opposed to my connection with 4smartphone that required it)

I brought this to our IT guys attention and he seemed to think that it was a carrier issue.....which I know it's not.

Is there any web page or definative guide that I can point him to so he can get a handle on this??

I appreciate any help....I HATE that f**cking Blackbery

and would love to get my 750v on the corporate excahnge server instead of using 4smartphone.

Thanks so much!!

NJV

Posted by: whtrbt7

Try turning off advanced network functionality in Start --> settings --> connections --> usb to pc.

If you are getting the error when you are connecting via EVDO, you need to perform a hard reset to the Q.

Posted by: nv00021

Quote:

Originally Posted by whtrbt7

Try turning off advanced network functionality in Start --> settings --> connections --> usb to pc.

If you are getting the error when you are connecting via EVDO, you need to perform a hard reset to the Q.

Thanks for the tip whtrbt7....but no luck....I tried it both on the 750v and on the Moto Q and still get the same error....

Waiting for Network Support Code 0x80072EFD

Any thing else I might try?

Thanks
NJV

Posted by: Islanti

Quote:

Originally Posted by blackdoc

got it to work w the help of Jacco, use PFXimport, NOT p12 for WM5 it works!!!

I was never able to get S/MIME working using the Thawte certificate, only a Comodo cert. It does work for signing, although encrypting is only using a 40-bit key.

Posted by: Kyle44

I was a nextel guy and have just switched to Verizon. I am new to the smartphone/pda (I have the 6700) and have a issue already.

I tried to sign in to hotmail or msn messenger through the msn program on the phone. When I try to sign in it says I do not have a valid server certificate. It says this is usually if the phones date does not match todays date. It is the correct date. Any ideas??

Thank you

Posted by: stoal76

nv00021, have you tried rebooting your device after unplugging it from the USB cable?

I have a strange problem with our devices not synchronising correctly after plugging into a PC's USB cable and synchronising, but a reboot after removing from the PC makes it work.

I suspect a name resolution problem, because our internal server IP address is different to our external server IP address.

I have contacted iMate about this problem but they were not much help.

Good luck

Posted by: kxgard3

Can someone point me in the direction of a good guide to setting up a Exchange Server, and then configuring it for Direct Push?

Posted by: signs

Quote:

Originally Posted by kxgard3

Can someone point me in the direction of a good guide to setting up a Exchange Server, and then configuring it for Direct Push?

There is a lot of reading, but here ya go:
http://www.microsoft.com/technet/it...le/default.mspx

Posted by: kxgard3

Quote:

Originally Posted by signs

There is a lot of reading, but here ya go:
http://www.microsoft.com/technet/it...le/default.mspx

Thanks

Right now I just have Server 2003 installed, so I guess I need to get exchange on the machine.

Posted by: signs

Quote:

Originally Posted by kxgard3

Thanks

Right now I just have Server 2003 installed, so I guess I need to get exchange on the machine.

where I used to work they had a SBS 2003 (small business server), and Exchange came bundled with it, in one of the CDs.

Posted by: nv00021

Hey guys....I have written on this forum before and I am a little (OK a LOT) confused with the certificate issue.

Here is the error message I am receiving in Activesync:

Error code 0x80072F0D
The security certuificate on the server is invalid. Contact your Exchange Server Admin or ISP to install a valid certificate on the server.

How do I look up or find what certificate is needed?

Any help would be appreciated....I am a total noob when it comes to any server type issues.

Thanks
NJV

Posted by: dwill79

Quote:

Originally Posted by seaneraz

I previously had activesync setup correctly without Push Email, using activesync over GPRS and WiFi.
I recently upgraded the ROM and Exchange SP2 and I am attempting to get them to activesync, but no dice. I have created and installed the nself signed cert with out issue. Whenever I attempt to activesync i get an error about obtaining the network certificate w/ the support code 0x85030027.
I have verified the FQDN on the cert, I have verified the access to the OWA and OMA websites, I have verified that those site are using the specified cert. Can anyone bring clarity to this error?

Thanks a ton!

Not sure if this help, but I have just had the same problem.

The way I fixed it, which seems really bizarre was:

Go into active sync remove one letter from the server name > click next to go onto the next screen.
Click back to go back to the previous screen > put the letter back in > click next > put your password back in > click next again and then finish.

I think this must reset the active sync settings to the server, removing any records ofthe connection to the server and re-instating them.

This may not work for you but it did for us.

I couldn't find anything else on the web to fix the problem we had. Hope this works for you.

Posted by: wbierman

Greetings.

I am using ActiveSync 4.1 to connect my Palm Treo (on Verizon) to my Exchange server running on Windows 2003 Small Business Server.

When I start a synchronization, the phone tells me "Synchronizing folders", and I have confirmed using Ethereal that there is traffic being sent between the phone and Windows Server in both directions, so it does not seem like a firewall issue. The problem is that it never gets passed "Synchronizing folders" and eventually gives up saying "Waiting for network" and an error status code of 0x80072EE4.

There are two other phones synchronizing with this sever, and all three are the same model (I believe it is a 700w or 700wx). All three started having this problem around the same time. All three can successfully synchronize with other Exchange servers. Because of this, I am convinced it is a problem with my Exchange server settings... but I have no idea what to look for.

I am using SSL, and I assume the only traffic I should be seeing is on port 443 on the Exchange Server.

Any assistance would be greatly appreciated. I can provide whatever additional information is necessary.

Posted by: mckmas8808

I just got the Sprint 6800 and I'm having problems with ActiveSync to my Exchange account at my job.

The error code that I keep getting is Support code: 0x85010001

Does anybody know what the problem could be. I'm not checking the SSL box and I can access my email from OWA.

Help!!

Posted by: Himmatwala

I recently got a wing, I configured my outlook to sync with the exchange server 2003.

When I am connected to laptop using the USB, everything works fine, all my contacts, meetings and emails are synced properly.

Problem:
Close outlook on my laptop. Then when I try to sync to the exchange server using Wifi or GPRS, it looks as if everything is syncing ok, like it counts the contacts, emails, meetings but it does not download anything, but when I logon to Outlook on my laptop , I do get my email on my wing though the Wing IS NOT connected to my laptop using USB.

Any Idea why is it happening or any solution.

Any help will highly appreciated.

Thanks

Posted by: whtrbt7

@mckmas8808
You have the wrong FQDN address. The error that you got means that you reached an invalid server address.

@himmatwala
You don't have Activesync set up to pull directly down from the Exchange server. You need to kill the Activesync connection via USB first and then disconnect the Wing from the USB. Then set up Activesync on the phone directly with the correct FQDN and credentials to log into the Exchange server. After that is set up, you just need to synchronize and everything should be fine.

Posted by: cleatus356

I have an HTC P4300 with Activesync 4.2. I have WM set up for DirectPush. When I attach the GPRS, I seem to receive emails ok for a while (seems to vary from 15 minutes to an hour) and then for some reason I start getting the 0x85010004 support code. My GPRS is still attached at this point, but will eventually disconnect.

The only way I can get the activesync to start pushing emails again is to disconnect and reconnect the GPRS.

Does anyone have any suggestions on what I can do to improve the performance? Thanks!!

Posted by: JDog001

I have the same error code as Cleatus (0x85010004)with an HTC6800 although mine will not sync at all. Error "Your account in Microsoft Exchange Server does not have permission to synchronize with your current setttings. Contact your Exchange Server administrator."

While I wait endlessly for my helpdesk to provide assistance, can anyone here provide some help?

Thanks

Posted by: cleatus356

I have another question regarding the COMM Manager in WM5. I always have an x thru the ActiveSync button...should this be yellow like the other icons that are working (Direct Push, Bluetooth, etc.)

Also, there appears to be a possible solution to this at the following website:

http://forums.microsoft.com/TechNet...75005&SiteID=17

It appears to be server related when there are multiple ip addresses. If someone has any other information, please let me know.

Posted by: pierluigicdc

Hi To everybody,

I'm triyng to decode TCP data of an http response generated by a HTTP request, but the http response is like this:

HTTP/1.1 200 OK
Last-Modified: Fri, 01 Dec 2006 01:30:03 GMT
Cache-control: max-age=86400
Expires: Sat, 15 Dec 2007 10:32:59 GMT
Content-Type: image/gif
Content-Length: 697
Date: Fri, 14 Dec 2007 10:32:59 GMT
Server: GFE/1.3
Content-Encoding: deflate
Warning: 214 MSP-PROXY TransformationApplied

the TCP payload of the response is a gif image, also i know that the content-encoding is "DEFLATE", but i see that the image is not compressed with deflate alghoritm.

Does anybody knows wich compression is applied to the TCP payload?

What does "Warning: 214 MSP-PROXY TransformationApplied" means?

Please help me.

Posted by: DuoFromHell

Hi whtrbt7. As my name implies I am have trouble connecting my Pantec Duo to exchange. It is exchange 2003 sp2. The recommended settings are on and "checked" using the following as a template. http://msexchangeteam.com/videos/9/...ntry426996.aspx I have verified account settings, passwords and the basics. DNS, IP, Etc. I have other windows mobile 5 users connected. However this Duo attempts to sync. I get an error on the duo. Support code 0x85010006. So I exported a cert and imported it to WM6. No go. No change, still the error code. Anthing I may have missed. Any additional insite? Gas and a match perhaps?

Thanks

Posted by: DuoFromHell

Found this. No sure if it helps anyone else.
http://www.shijaz.com/exchange/activesync_errors.htm

Posted by: morimoto

I don't know what Status code 80830003 is either but I may have a workaround that I wanted to share. I noticed this problem on an AT&T 8525 (WM5) running wireless mobile activesync to an exchange server. I simply went into the activesync options and reduced the number of days email synchronization for 3 days to 1 day and it seems to sync.

Restoring it to 3 days seems to cause the error to come back so I'm suspecting either a local phone capacity issue or the inability to process an email/attachment in the synchronization batch. I don't know why and its an uneducated guess but I thought I'd pass it along.

Just my personal opinion/frustration but... I wish Microsoft would get serious about enterprise applicability and a) document its codes, b) reduce the price/complexity/hardware requirements of its products to make them feasible for small and medium sized customers so that c) things just work.

Posted by: euphoria47

Hello,

I have been fighting an issue for several weeks now and I am at the end of my tether.

I use gmail on wm6.1. I have it set up for automatic schedule every 30 mins, but it does not reliably do so. Sometimes my phone will chirp within 30 mins of an email being sent. Some days though, if I don't manually sync, the phone will not connect and fetch new messages while in standby.

Sometimes when I am using the phone (lets say I am playing a game), it will connect and download a several hour old message, so the issue I think is standby related. I have already set my "battery resuming from suspend timeout" reg setting to 90 seconds. My autodisconnect for idle GPRS is 2 minutes. Still no luck.

I have tried changing within gmail to only sync messages "from now on" to avoid lengthy header alignment issues, still no fix. It just seems that if I want to know if there is a new email for me I will have to manually sync, because I cannot trust the phone to do it (maybe 30% of the time it works)

I have been tackling this issue with people from xda-devs (I am not the only one with this), and no decent fix has been found there. Now I try here.

Any ideas?