Active sync - Exchange: SSL over a non-default port - Networking

My ISP blocks all ports below 1024 so I had to set up my SBS2003 Exchange server to run on port 8080 (HTTP) & 4443 (HTTPS), which works perfectly (tested locally & on remote locations).
When I add the correct secure port number to the server address (ActiveSync > Tools > Configure Server Source), ActiveSync cannot find our Exchange Server. When I remove the port number everything works fine as long as I'm on my local network.
I enter it like this: exchangeserverdomain.com:4443
I have OWA running perfectly by using the same external server address:<port>, and all needed certificates are on my WM6 device (it's the HTC Touch Dual).
Seems like ActiveSync doesn't like port numbers.
Any tips?

Me 2
I'm having a similar problem.
Can anyone help?
Many thanks in advance.
Pozi.

If anyone has found a solution for this, I sure would appreciate knowing. As I'm sure you found, older stuff retrieved by Google makes it clear that MS just didn't provide support for ActiveSync on custom ports in previous WM versions, but couldn't they have remedied this oversight by now? Reg key?

Active sync - Exchange: SSL over a non-default port - Solved in WM65 ?
Any idea if there is a workaround for this problem in WM 6.5 ?
thanks,
Koen.

No, I don't know if WM6.5 finally added the ability to specify port number for Activesync server.
We solved this need by using "SSL host headers," which permit multiple IIS sites to use the default SSL port 443 with different host names. Although the IIS (6.0) GUI doesn't provide this capability, it can be done at the command line using adsutil.vbs found in Inetpub\adminscripts. It requires a wildcard SSL certificate, is a little tricky to get right, and results in a misleading error message in the event log every time IIS starts, but it does work reliably.
See:
http://www.microsoft.com/technet/pr...108-b1a7-494d-885d-f8941b07554c.mspx?mfr=true

ISP blocks all well-known ports - server activesync not working
Thanks for the information; the configuration of Exchange is indeed not an issue.
The problem is that my ISP blocks all well-known (service) ports like 443,...
I would like to configure server ActiveSync to use a different port (above 1024).
The ActiveSync interface on Windows Mobile does not allow entering a port number to specify the protocol.
E.g. remote.company.com:4433 is automatically changed back to remote.company.com.
Any idea of a reg key on WM to change the port to use for server ActiveSync?

If there is a way to do that in WM65, I don't know about it.
What kind of ISP "blocks all well-known ports"?
Good luck.

Not a solution per se, but could you use SevenBeta to get your mail pushed? I think it works as long as you can get to the OWA server from the device. It probably wouldn't give you contacts, but at least you'd get mail while out of the office.

It's not Exchange, but the client...
I dislike it's come to this but it's true, the iPhone handles this over custom ssl ports just fine and I have not come across anything else that does. I do not know why. With the iPhone or iPod touch too I'd guess, you just enter your email address and password. It tries the regular ports and fails, and where you enter the server you enter your port like servername:customsslport and then you have full active synch abilities, synched email, all your subfolders, and the option to synch calendar and address book too.
I recently tried an android phone and looking for a solution, at this very site found out windows phones couldn't do this either... Developers have tried to give google this code correction but they won't accept it for whatever reason. I ended up using a tether to my old iPhone just to get decent ActiveSynch over custom SSL ports until I gave in and took back the Atrix for the newer iPhone, as my old phone was falling apart and was the older slower one. I've tried 2.1 & 2.2 Android phones and when you try to enter the port using server:port syntax you get invalid server format or the save button just gets grayed out until you remove the port. There's a few buggy market apps that sorta work in a limited way. It's possible the Blackberry may allow custom ssl ports on Exchange synch setup too, but I don't know, only that Windows and Android phones had issues with this but it works perfect on the iPhone, so it can't be a limitation of Exchange exactly. I haven't run into any good desktop clients for this, but to access full mobile email, synching even sent items and pushing select custom folders, calendar and contacts the iPhone truly synchs all these fine by entering the same port you use for custom OWA ssl in the Exchange email setup. I wish even desktop Outlook handled custom ssl port synching this well, and I'm not sure how the iPhone does it, as it seems very lightweight.
http://forum.xda-developers.com/showthread.php?t=602494
Lukasss said:
My ISP blocks all ports below 1024 so I had to set up my SBS2003 Exchange server to run on port 8080 (HTTP) & 4443 (HTTPS), which works perfectly (tested locally & on remote locations).
When I add the correct secure port number to the server address (ActiveSync > Tools > Configure Server Source), ActiveSync cannot find our Exchange Server. When I remove the port number everything works fine as long as I'm on my local network.
I enter it like this: exchangeserverdomain.com:4443
I have OWA running perfectly by using the same external server address:<port>, and all needed certificates are on my WM6 device (it's the HTC Touch Dual).
Seems like ActiveSync doesn't like port numbers.
Any tips?

hmmm this is interesting

Related

activesync 4.1 and exchange server 2003

I'm trying to synchronize with the Exchange server at my work.
But for some reason it doesn't work. I've filled in everything in the right way (address, domain etc.). The fault code is 80070002.
Can somebody help me with this?
same here at home (no firewalls)
Works fine for me. Exchange server needs just some configuration.
Priit said:
Works fine for me. Exchange server needs just some configuration.
What kind of configuration?
First, your Outlook Web Access (yes, OWA!) cannot use forms-based authentication nor SSL encryption. If you do want to use these (you most probably want to use SSL) then you need to create another virtual OWA directory without SSL and force ActiveSync (and Outlook Mobile Access) to use it.
More information at
http://support.microsoft.com/default.aspx?scid=kb;en-us;817379
Check if you can access OMA (Outlook Mobile Access) using http://yourserver/oma and check also Exchange server logs.
I thought this wasn't supported on WM5 until AKU 2.0 comes out (hopefully soon)
So you're saying I have to turn Forms authentication off and SSL off on OWA for my mobile device to work?
Sounds a bit of a poor show.
I need Forms-based auth ideally as it goes through firewalls whereas the other type does not.
Ours works here and we use SSL.
For the server name make sure you are using the fully qualified domain name that you use from the internet. IE: mail.domain.com. You don't have to put the /exchange on the end.
username, password and domain are all the same as what you use to log in.
OH, and the certificate you use on the server should be for mail.domain.com and not servername.
Hope this helps.
@spartanrob: DirectPush needs AKU2.0. You have always had possibility to sync manually. Or if your operator provides e-mail to SMS then you have the same functionality already today.
@Karzi:
No, I'm not saying you have to turn off SSL and/or forms-based auth., but you need to create another virtual OWA directory, which does not require SSL and forms-based authentication. You can limit access to this directory to localhost only so there will be no security concerns.
@MrHappy:
Your server is probably set up in that way.
Please go read this it helped me with the same error
http://hardware.mcse.ms/archive35-2005-11-248477.html
Basically says that you have to download the cert from https://server.domain.com/certsrv then install the certificate on your desktop and your handheld then ActiveSync will work....
I was hesitant but it worked for me.... it changed the path in the cert from my ip to my server.domain.com

activesync server sync help!!!!

Hi guys,
Right, I have an XDA Exec and an XDA Mini; one's for work, one's for personal use.
I've set up an Exchange server at home for the Mini, however it has to listen on port 8080 (the web Outlook frontend).
However, I'm trying to connect the ActiveSync client to this via address:8080 in the server field on the device but it doesn't seem to work.
I can obviously access the site via 8080 on http but not via ActiveSync. I've tried this on both the XDA Mini and the XDA Exec and neither can access the server, and I can't move the ports.
Does the client support ports?
Can you override them?
Help!!!!
ActiveSync works by default over port 80 (non-secure) and 443 (secure) only. There may be a reg hack but I am unaware of one. If your cable or phone company is blocking port 80 just install a certificate (which you REALLY should be using anyway) and connect over 443 using SSL.
This is the problem: both ports 80 and 443 are taken up already by an Apache web server.
I have Exchange running under a virtual machine on the Linux server. The Windows 2003 box integrates with the existing mail subsystem, giving me access to the POP3 and SMTP service on the Linux side of things, so it's transparent.
So Apache runs on both port 80 and 443 so I can't bind anything to them.
I was looking into a reg hack if there was one.
If I find anything I'll post it, but until then I have the same problem... which is a real annoyance!
The other thing is that the server I'm working with is only allowing port 8080 to be directed to it. Does ActiveSync use any other port for the sync via web? As that might be the other problem.
Right, I've found a partial solution.
What I've done is use mod_proxy as part of the apache2 stuff to do a reverse proxy to the server over a virtual host on the system...
So all traffic for the virtual domain foo.com goes to 192.168.1.20, which is the server behind the firewall (which just happens to be a bridged virtual machine).
That means now I can access Exchange web via http on port 80 so ActiveSync can now connect to it.
Unfortunately the crap thing is now ActiveSync constantly asks for a username and password all the time and doesn't sync. So I'm guessing it can see the server but not get any further...
So does anyone know if ActiveSync needs access to any other ports, as I can forward them much more easily through the firewall.
Help and thoughts please.
HAHAHAHAH GOTCHA
Right, that did it...
Two things: I'd made a mistake in the domain name on ActiveSync and added an E into the domain name where I should have!
Also, because I'd promoted the VM to a Domain Controller after installing IIS etc. I had to re-register the ASP.NET framework so OMA worked.
I now have push mail working on Linux out of a VM whilst Apache is running on the same box.
Nice.
Can I challenge you to document your setup and post it on a new thread for others to learn from?
Yeah, I'll do that. Currently, however, I've been having a bit of a war with the SSL setup, as the first pass was "open communications".
I've hit a snag where access to OWA works for everything bar Internet Explorer. I think I know the problem and have a solution, so once I've tried that I'll document it and get it up here.
I do have reverse-proxied SSL working to Exchange though, so now everything is secure and I can access OWA via Firefox, so again that's cool.
The IE thing, I'm certain, is an issue with the actual app: when it detects IE it tries to be all clever, but unfortunately the domains don't match at the moment, so it's https://foo.com/exchange to http://bar.com/exchange, and because of the domain name difference it's getting a little twitchy.
There are three solutions: re-install everything from scratch (fat chance).
Try to convert the Active Directory domain to the one that matches foo (have you READ the documentation!... 80-odd pages or something). Or change the https domain name on Apache and redo the certificate (nice and easy, but I'll do it Tuesday).
Once I can get it working seamlessly I'll do the docs.

[WiFi] POP3 e-mail doesn't work

I can connect my device to the in-house Wlan and I get assigned an IP address like it should. I am able to browse the net (IE) using the Wlan and I can even go to the HTTP webmail site but when I set up a POP3 e-mail account I get the error message that I cannot connect with the current settings. Suggestions?
The other strange thing is that I am able to login on a local server using Terminal Services, but I can only connect to the IP address, not the hostname.
Perhaps I should mention that I have my own domain, so the mailbox I'm trying to connect is a completely separate mailbox and should work 'native' with POP3 port 25 settings. This shouldn't be a problem as far as I can see, but it still doesn't work...
I did some more testing. The weird thing is that I can send e-mails using the WLAN connection, but cannot receive them. The connection towards the server seems to be good (I didn't use separate settings for SMTP) so DNS seems to be correct as well.
Right, I'm not under the impression a terribly large population of users are dying just to solve my problem, but since I located the source of the problem I thought I'd post it here for other users to find.
The problem I was faced with had actually nothing to do with the WiFi at all, it was the POP3 server that was the problem. The connection was fine, sending the mails was fine it's just that the POP3 daemon of the Direct Admin hosting control panel (vmpop3d-e) is unable to work with Windows Mobile 5 due to some kind of problem I don't even begin to understand (nor would I want to).
If you have your own domain and your hoster is running the Direct Admin control panel you won't be able to use the e-mail POP3 function. Instead, use the IMAP4 function which does work.
DA Forum PDA topic
when you set up your mailbox (menu - tools - options) go to the 3rd screen and click options. There you tell it what connection you want. I'd be willing to bet thats where your problem is.
E-mail client doesn't work on my Wizard either. I can receive mail, but sending it is impossible. I think I tried everything.
If anyone has any suggestions what I can do, please tell me.
THX
@primossz, you're pretty active on this forum :wink:
You need to first install the client software provided by your ISP. So if you use T-Mobile you can let T-Mobile send the parameters via SMS to your cellphone. Just log in to your ISP provider for that on the WWW.
Greetz ET

directpush protocol questions (exchange replacement possible?)

I am using mail2web free service to have my mail pushed to my WM5 device, but I don't like the idea of forwarding my private email to a company I don't know and I don't trust.
Normally I have my email at a home mail server running linux, and I was wondering if there's any open/free solution compatible with directpush technology to replace the need for an exchange 2003 server.
If it does not exist (I have been searching and couldn't find it), what is preventing someone from writing a free replacement? Patent issues? Authentication issues? I haven't sniffed the protocol yet, but I think it's impossible that no one has thought about it before... Wouldn't you like to have your home IMAP server pushing your inbox to your PocketPC phone? If the protocol is not very obscure it should be easy to write a daemon that does it...
any thoughts or experiences?
Kerio Mail Server has the push compatibility.
Not free though, but it is an alternative to Exchange.
Their latest beta supports it. I reported a bug to them re: contacts getting corrupted but they say they fixed that in the latest build.
Can't retest now since that server is at another site I won't be visiting for a while.
Hmm the directpush "protocol" is pretty trivial it shouldn't be impossible to implement an open alternative.
I installed the latest Kerio MailServer yesterday. It works great!
Especially nice is that it runs on XP as well as Linux. Too bad about the price!
pof, have you had the chance to sniff the protocol?
not yet ivorh, been too busy with many other things, but this is still on the queue
sniffed
Heh, got bored so I setup an exchange account and sniffed the packets.
I'll go through them and post some details when I get a chance.
great ivorh!
Can you attach a capture in pcap format?
update and thoughts
Pof,
Hmm, ok a bit more thinking and digging and I'm not sure implementing an open alternative directly is that useful. Let me explain why:
The direct push only works with the Outlook Exchange ActiveSync. When the device gets a "direct push" byte, it triggers a sync with Exchange - the functionality is tightly bound together, and as far as I can tell you can't dip in and get it to do something else. So to get it working you would need a server providing the Exchange http interface. This wouldn't be impossible but would need a lot of effort for little benefit.
I took a look at the open-exchange but that doesn't seem like an ideal solution since it would require a completely different server installed rather than IMAP or POP and as far as I can tell the Outlook connector isn't one of the open-source components anyway.
Now what I'm currently thinking would be a neat workaround would be to implement a custom "direct-push" to basically do exactly the same, have a client app on the device open an http connection to a server running, er, "OpenPush" if you like... use exactly the same technique of a keep-alive connection and occasional heartbeats, but on a message notification on the client get the client to trigger an IMAP pull.
Now this is where I need some advice.... I haven't done any Windows Mobile development yet, so can anyone tell me what sort of API is available to the messaging app? Can you/how do you trigger a mail pull? (oh someone please tell me it's not the same horrible old MAPI interface??).
PS I've just been capturing the data using a simple http proxy actually, I'll make some samples and upload them with descriptions.
Cheers,
Ivor.
http://www.ivor.it
Hi pof,
try funambol. It was formerly known as Sync4j. I once found it when I searched a complete sync solution that I could implement in the mailserver of my company. We are using kolab so I only tried the old Sync4j cause there is a kolab connector available for v2.3.
v3.0 implements (real) Push-Mail. Microsoft Active Push works with a http connection that is opened by the client. Funambol Push-Mail connects to a port the client opens. I didn't want to test any further cause I'm using a Wapflat and thus only get an internal IP and have to use a proxy.
http://www.funambol.com/opensource/
Perhaps this is what you are searching for
What I forgot to say: For funambol you install a Java program on your phone which will insert the received mails in your Pocket Outlook
Yay!
Pof,
Ha! Ok I've whipped up a version 0.0.0 of OpenPush. and it works rather nicely!
Basically it consists of two parts. One is an app that runs on the mobile and operates in the same manner as DirectPush. It opens up a socket connection to the server and waits for a notification byte. If it receives a byte it kicks off a mail retrieval.
The other is a daemon that runs on the server and watches for a change in the user's mailbox; if it changes (i.e. a mail has arrived) then it pops a byte down the socket.
It just needs finishing now...
Currently the daemon is just an app that listens on a dedicated socket. I plan on turning it into a mod_perl module and using http keep-alive in the same fashion as directpush.
Regards,
Ivor
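The two-part design described in the post above (a device-side client that blocks on an open socket until a notification byte arrives, and a server-side daemon that watches a mailbox path and sends that byte on change), shown in Python as an added example; it is not Ivor's OpenPush code, which the thread says is written in Perl. The names `PushServer`, `wait_for_push` and `mailbox_stamp`, the byte value `0x01` and the constructed `msg1.eml` file are assumptions.

```python
import os
import socket
import tempfile
import threading
import time

NOTIFY = b"\x01"  # assumed value; the post only says "a byte"


def mailbox_stamp(path):
    """Fingerprint a mailbox file or Maildir-style directory."""
    if os.path.isdir(path):
        with os.scandir(path) as entries:
            return tuple(sorted((e.name, e.stat().st_size) for e in entries))
    st = os.stat(path)
    return (st.st_mtime_ns, st.st_size)


class PushServer:
    """Server side: watch the mailbox, send one byte to every waiting client."""

    def __init__(self, path, host="127.0.0.1", port=0, poll=0.05):
        self.path, self.last = path, mailbox_stamp(path)  # baseline stamp
        self.sock = socket.create_server((host, port))
        self.sock.settimeout(poll)  # accept() doubles as the poll timer
        self.port = self.sock.getsockname()[1]
        self.clients, self.stop = [], threading.Event()
        self.thread = threading.Thread(target=self._run, daemon=True)
        self.thread.start()

    def _run(self):
        while not self.stop.is_set():
            try:
                conn, _ = self.sock.accept()
                self.clients.append(conn)
            except socket.timeout:
                pass
            now = mailbox_stamp(self.path)
            if now != self.last:  # mailbox changed: mail arrived
                self.last = now
                self._notify()

    def _notify(self):
        alive = []
        for conn in self.clients:
            try:
                conn.sendall(NOTIFY)
                alive.append(conn)
            except OSError:  # client went away; drop it
                conn.close()
        self.clients = alive

    def close(self):
        self.stop.set()
        self.thread.join()
        for conn in self.clients + [self.sock]:
            conn.close()


def wait_for_push(host, port, timeout):
    """Device side: hold the connection open; True means 'pull mail now'."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(1) == NOTIFY
        except socket.timeout:  # quiet period; a real client would reconnect
            return False


def demo():
    # Constructed run: one new message file triggers a push, silence does not.
    with tempfile.TemporaryDirectory() as maildir:
        srv = PushServer(maildir)
        got = []
        t = threading.Thread(target=lambda: got.append(
            wait_for_push("127.0.0.1", srv.port, 5)))
        t.start()
        while not srv.clients:  # wait until the device is registered
            time.sleep(0.01)
        open(os.path.join(maildir, "msg1.eml"), "w").close()  # "mail arrives"
        t.join()
        quiet = wait_for_push("127.0.0.1", srv.port, 0.3)  # nothing changed
        srv.close()
        return got[0], quiet
```

The byte carries no mail content and the retrieval itself stays on the client's normal authenticated mail session; the notification socket here is plaintext and unauthenticated, so anyone who can reach it learns when mail arrives unless it is wrapped in TLS with client authentication.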
ivorh, that sounds cool!!
I had a look at funambol but seems too 'bloated' for my needs, I think your OpenPush will be more tight to what I was looking for, so if you want a beta tester just send a link to it
Is there any specific server configuration? I am running a Gentoo server with courier-imap, sendmail and apache2.
Any chance you could extend the daemon so other programs can tie into your new-item notification? It would be cool to write a program that can keep files synchronized over-the-air with a desktop machine using push synchronization.
Pof,
Yeah it's just a prototype at the moment. So I need to write it properly next. At the moment the requirements are simply "perl". It's independent of mail system, it simply monitors a directory/file you give it for changes.
I'm going to write it to be a mod_perl module for various reasons, so the requirements will be just apache and mod_perl.
I'll hack some more tonight and try and get a 0.0.1 ready.
aatreya,
Well I'll keep it simple for now and just doing one job well.
Sound interesting to me.
I am new to this. Pardon me for some questions.
Do I need to buy a server at home?
This server can be any OS?
I am really happy to see some people trying to do just about the same I intended to. Today I started experimenting with Open-Xchange. I also have a Gentoo server that provides an ebuild for Open-Xchange, but after a bit of browsing it just seems like the thing MS Exchange and OX have in common is the similarity of their names. So installing OX and doing all the Exchange stuff with it does not seem to be an option.
So I looked into Funambol - sort of again. About a year ago I already tried to get Sync4J running to sync my SyncML phone. I did not succeed, but that just makes me eager to try it harder this time.
I also have to use a Proxy-Server for my GPRS connection but I want to have it working via WLAN, too, hence without proxy and the whole tunneling disco.
PS: Ivor, I am glad to meet You once again. When our roads crossed the last time, You just figured out how to get the CLE266 MPEG2 stuff working, respect!
A very rough pre-alpha version should be ready this weekend. I can only apologise in advance for the quality of my WM5 app!
But it's "working for me".
CWKJ,
At the moment the "server" is simply a perl app that watches for changes to a directory or file so it's pretty portable. I run it on Linux since that's what my mailserver is on.
As for needing a server at home... well it's entirely up to you, really you want the server running wherever your mail is retrieved from.
If the app/system gets a bit more polished and advanced you might even find independent ISPs willing to add it as a service.
rabinath,
Heh! Small world.
I'd also like to be considered for Beta testing when available,
I run Ubuntu 5.10 Server at home, hosting 5 domains for myself, and would Love to not have to forward them through mail2web anymore as I don't like to reply because it will go through Mail2Web. I know I can create a separate "account" in Pocket Outlook but you can only have 5. I need more than that...
With direct push over the O2 WAP proxy all https connections are closed after 2 min. This is because every 2 minutes a new sync is needed. This eats much battery. So why is it not possible to make a PPC client that just sends the current IP address to the client on the server, and the server just pushes the email to the known IP address? The client on the PPC just has to send a new IP in case it changes. This would be much better for battery life.
That's the reason Exchange ActiveSync works the way that it does. The server sends out a text message that is handled at the system level on the PPC, and this is basically an instruction to sync with the server. No unneeded traffic just to check if there is anything new.
Most cellular service providers are using NAT technology, so reporting your IP address to a server and telling it to make a connection to that IP would just be telling the server to connect to the "gateway" back into the cellular network. A text message sent to what is called the "SMTP Gateway" for each service provider will get to the phone no matter if the phone's IP changes.

Nexus & Exchange email

Morning - looks like I am one of the few in the Uk to have got my Nexus - arrived yesterday morning complete with engraving on the back.
As an aside the DHL tracking on the web still shows as only "shipment details received"!
The reason for my post is getting email from my Exchange server - it all works fine with my iPhone and Hero, but when ever I try to connect with the Nexus I keep getting "Setup could not finish - Unable to open connection to the server"
I have tried Touchdown and it is also unable to get the ActiveSync profile from my server! Gets an Error 500:
Is there something simple I am missing? I am able to browse the web and get my Gmail on the device but no Exchange!
Any help would be great
Thanks
John
I have been able to use both the Android mail connection & Touchdown to connect to my hosted Exchange server (2007) using SSL, I guess as you have connected from other devices you must know the settings of the server.
Are you connecting via Wifi or 3G ?
Shouldn't make a difference, but which carrier are you on & did you get the 3G correct ?
Can you connect to the server on OWA via the browser ?
Good luck
Working fine for me, have you tried playing around with the settings? E.g. mine doesn't work unless I've checked the SSL box (but not the accept SSL certificates box), and make sure you precede the username with domain\
Tried on both 3G and WiFi - both no joy.
Just been looking for RoadSync on the market and I don't appear to have any paid apps either...
Been using an O2 SIM; just putting my Orange SIM in to see if it makes a difference, but doubt it will as WiFi doesn't work...
Stumped!
I originally had a problem connecting with the native activesync with a similar error, however touchdown worked fine. I would try touchdown quick config and see if it can figure it out. You also might need to look at the certificate options under touchdown. Forcing that might help.
I have tried again with Touchdown - and managed to capture these results from the log:
I have reset my hero and reconnected to my exchange server and it connects fine...
I have called HTC to arrange a hardware replacement but the guy on the phone didn't seem to know what he was doing.
Checking Certificate...
Checking ActiveSync with SSL...
ActiveSync location returned HTTP code 500 : ( The request was rejected by the HTTP filter. Contact the server administrator. )
ActiveSync Version :ActiveSync ERROR :500
Trying activesync protocol 121...
ActiveSync provisioning returns HTTP:400
Error provisioning ActiveSync: Policy status is 0
Trying activesync protocol 2.5...
ActiveSync provisioning returns HTTP:200
ActiveSync provisioning success
The following policies have been requested :
- Allow Simple password
Refreshing AS folders
Error refreshing folders
Socket is not connected:Exception performing request
ActiveSync version check returned negative, but still trying for 12.1
Checking 2007 with SSL...
attr value delimiter missing! (position:START_TAG <HTML dir='null'>@2:11 in [email protected]) for operation: Subscribe-> Error renewing a subscription
Socket is not connected for operation: Subscribe-> Error renewing a subscription
Checking 2003 with SSL...
Checking 2003 without SSL...
Socket is not connected:Exception performing request
Would welcome any help from someone wiser than me
Cheers
John
How did you capture the log from Touchdown?
I'm using Touchdown here as well and have no issues to speak of. From what it looks like it might be something server-side?
Quick connect in touchdown captures the log as it tries to connect.
I agree it all points towards a server issue, but what is different between the Nexus and the Hero? I have reset my Hero and reconnected with the standard Android ActiveSync connector and it works fine. I use a Nexus with the exact same settings on either Touchdown or the Android connector and it fails!
It is driving me mad - I have synced my outlook contacts with my gmail account so I at least have numbers etc. but without email this phone is going to end up on ebay real fast
John
Not sure, but have you set the simple password in Touchdown? It looks like that is a required policy and if touchdown doesn't report back that it is set you won't be able to configure.
Because the Hero doesn't support the simple PIN I got my Exchange admin to remove this requirement for me.
An even bigger thing for me was the lack of Exchange Calendar Sync on the N1. Seems a terrible omission when the Droid/Milestone supports it without trouble.
