Hi all,
We have some HTC Hero's in my office and they have been connecting fine to the MS Exchange Servers for our e-mails fine through active sync.
But yesterday the IT Guys updated the Security Certificates and now we get an error message telling us that the site is not trusted anymore.
We have been sent some updated certificates for windows mobile phones, they are .p7c file, and some files called certificate.cer and intcertificate.cer.
My question is do these files work ok on the android O/S and they arent going to mess up the phone?
Thanks for any support you can offer,
I've not had a problem like this following our exchange certificates being updated. They've just worked
Only thing I could suggest is that you have SSL turned on in your exchange account settings on the Hero.
Hi,
In my organisation, the certificate for OWA is signed by a self signed CA. The first time I synched my Hero, it told me the certificate was invalid. I clicked on the Allow button, it never bothered me again.
I didn't find anyway to import external certificate (CA or server), but it doesn't seem to be needed.
Hi,I have the same question about sync to exchange2007.
At first ,you choice the allow button,it not bother you only at the live session.
If you restart you Hero, it told again, It's so unconfortable.
How to join the .cer file in the android? If the system believe the .cer,maybe it's working well.
Does anyone know the answer to this one?
Related
I have an O2 XDA mini S.
I have spent about 12 hours trying to configure it, and am having a complete nightmare. Am completly stuck and hoping someone can help me.
I have put in all the settings on the XDA and told it to sync with our exchange server. The device connects and you can see it syncronising eg Calander 6/6, emails 60/60.
So it all looks like it is working I then go into my outlook email folder on the device and all my folders are there but they're all empty. I have altered the syncronisation options so it syncronise all my folders for the last 3 days, but still nothing.
Strangely if I create a calander appointment on the XDA it does get syncronised back to the calendar on the exchange server. The same if I send an e-mail, the e-mail does get sent and ends up on my exchange servers sent items.
So basically anything created on the XDA gets synced back to the exchange server, but anything created on the exchange server does not get synced across to the XDA. Even though when you connect it looks like it does.
We are using Exchange 2003 SP2, and ActiveSync Version 4.1.
Any help would be very much appreciated as we have bought 5 of these XDA's for all the top brass at my company and they are breathing down my neck asking when they are going to be set up.
Hi,
I'm sure you have already checked, but are the folders set to synchronise within Outlook on the device.
Menu/Tools/Manage Folders and put a cross in the appropriate boxes.
Apologies if you had already done this.
Regards,
White.
Thanks for the reply and yes I have already done that.
To clarify some of my earlier statements I am trying to do this wirelessly using GPRS, but to rule out any firewall problems (we use ISA 2004), I have plugged the device into my PC using a USB connection I have then changed the server address to the local address and the same thing happens.
The only slightly odd thing I'm doing is using an HTTP connection as I can't get the certificates to be accepted on the device for an HTTPS connection.
Duplicate post deleted,
Sorry.
Regards,
White.
Try this link
http://www.msexchange.org/tutorials...ng-Part1-Microsoft-DirectPush-technology.html
for me it works fine so I will try to help... but lets try the link first.
Have checked through our configuration with regard to the above link and everything is fine.
I just don't understand as the XDA appears to connect okay, and seem to be uploading from the server, it can also send things back to the server. It just doesn't actually recive anything.
It's so frustrating eg it will say reciving 0/61 e-mails it will then go to 61/61, eg like it has dowloaded them, but when you look nothing is there. It must be talking to the server though as it knows how many e-mails there are.
Not much help here..............
..............but I gave up with our exchange server !! 8-(
I, too, couldn't get past the certificate error.
Really pi**es me off !! Yet I can lie in bed @ home and VPN onto the server desktop via my XDA and my home WiFi switch/router and read my emails via the server's IE via the company intranet.....<shrug>
I HATE MS sooooooooooooooooo much !!
Enough redundant posting already !!
I agree
I agree it's crazy about the certificates, it's just bizarre that it doesn't give you the option to accept the certificate anyway. As I'm stuck with using HTTP now which is obviously not very secure. Well I would be stuck using HTTP if I could get it to work, but as posted before it just doesn't.
So stuck with dowloading my e-mails using IMAP, and syncing my calandar using a usb cable, which is not ideal.
Anyway once again any insight or help would be great.
http://support.microsoft.com/kb/817379/en-us
Method 2 is what I've had to do to my exchange server to get anything working.
Thanks
Have already made the changes discussed in the article, as before I did that it was erroring out, now it appears to dowload the e-mails but nothing happens.
Thanks for the tip!
I needed this info!
Further info............
....................O2 have told me via dataservices support there is a problem with self-certification - This has come from Microsoft who have said there is an issue.
O2 and MS are working on a fix but no timeframe as yet - a number of users have reported the issue.
Third party certificates are OK apparently - I have tracked down a free source - www.cacert.org but whilst i have got a personal email certificate for my PC I can't get throught the documentation to obtain a certificate for the Exchange server at work. This is because, I think, we don't have a domain that's linked to it - we just VPN to an IP address......if anyone can help work out how to submit a valid certificate request, I'd be very grateful
Further info............
....................O2 have told me via dataservices support there is a problem with self-certification - This has come from Microsoft who have said there is an issue.
o2 and MS are working on a fix but no timeframe as yet - a number of users have reported the issue.
Third party certificates are OK apparently - I have tracked down a free source - www.cacert.org but whilst i have got a personal email certificate for my PC I can't get throught the documentation to obtain a certificate for the Exchange server at work. This is because, I think, we don't have a domain that's linked to it - we just VPN to an IP address......if anyone can help work out how to submit a valid certificate request, I'd be very grateful
so you are unable to set up the sync between your O2 and the exchange server? or you cant get the HTTPS to work at all?
my colleague is using a QTEK9100 and he managed to get the push mail to work. the sync with exchange server seems to be working. he couldnt get it work before this because exchange server need to have HTTPS enable, so we endup getting a digital cert from a vendor.
so now he is happily getting email push to his qtek. and sync works fine as well. i am yet to get my unit so i cant say much about the setting need to be done but there must be something missing here.
Hi.
I have Exchange 2k3 SP2 using my own certificates, an XDA Mini and XDA Exec with O2 GPRS all using push email fine. No issues with O2, Exchange, Microsoft or anything - it just works!
The only thing I did need to do on the XDA's was to import a copy of my Certificate Servers root certificate.
Have been using this with Exchange push for a couple of weeks and before then used the same setup with XDA IIi's using Exchange Activesync.
Merlin
Hi.
I have Exchange 2k3 SP2 using my own certificates, an XDA Mini and XDA Exec with O2 GPRS all using push email fine. No issues with O2, Exchange, Microsoft or anything - it just works!
The only thing I did need to do on the XDA's was to import a copy of my Certificate Servers root certificate.
Have been using this with Exchange push for a couple of weeks and before then used the same setup with XDA IIi's using Exchange Activesync.
Merlin
Lucky You, RB............
.............I, too have imported the server certificate but neither I nor O2 could get it to install on mine or their machines.....that's when they told me about the issue..................
It's a valid certificate cos our server works as it should !
The real crazy thing is, I can VPN to our server using my XDA via my home WiFi router, see the server desktop via mstsc and open my exchange mailbox using the company intranet in IE - all on my XDA in my bed !!!
Security ?!!? Pah!!!!
Hi
Which certificate have you imported, the certificate on the exchange server or the ROOT certificate from your Cert Server?
You need the ROOT CERTIFICATE not the Exchange Web Server certificate
Merlin
We're running...........
........SBS 2003 SP2 with Exchange Server
The certificate is the only one we have for the server as a whole.............
If you click on the certificate and look at the certification path tag, what does it say...(Can you post a screen shot of it?)
I am trying to configure Microsoft exchange server to get my work emails on my universal.however even though i have my setting all ok,and pda is connecting to internet,no emails are being downloading.
I am getting message that folders have been synchronized but email are neither being sent and received.
tried to speak to my works IT guys who are insisting all settings are OK.
funnily enough i configured my pals pda ,who happens to have a universal like me but using a different phone company ,and all worked beautifully.
when i contacted my phone company they said that all is ok from their side,but I still am not succeeding.
any idea guys?
I think they should enable a certain service. With me all worked fine untill a partly HD crash, now I can still get e-mail into Outlook, but not to my PDA any more. I believe it has to to with Public Directories. At least that's the part what's wrecked in my server.
Good luck!
Bas
OP, I'm assuming you are referring to DirectPush, I would double check with IT that you have your account enabled for User Initated Sync, and that you have all options configured identically to what IT gave you. Specifically, it could be that your company is using SSL and you have yet to export the certificates that are needed to your phone, rendering it unable to sync.
Urthwhyte is right about the ssl, installing it is a simple as accessing the certificate file though your file manager. You might also be experiencing the same problem I am, where your service provider doesn't accept your businesses certificates (doesn't apply to wifi connects).
If you really want it to work and you don't care if ppl pull the data off the air, you could disable ssl if it's not required.
Hi
I used to be able sync to my work Outlook email via ActiveSync / Outlook Mobile Access (OMA). However, yesterday my work IT department disabled OMA on my Exchange server as they do not support anything other than the blackberry. Despite my protestation they are refusing to re-enable OMA. This leaves me with a big issue!
Does anyone on here know of a third party application that can sync outlook emails and calander using Outlook Web Access (OWA)?
I have found an application called Chronobis which is able to sync from OWA but only one way i.e. deleted items on Chronobis will not delete from my Outlook inbox and calendar appointments added won't sync to my outlook calander (or so I believe). Whilst this is a good start it really doesn't get me to where I need to be.
I am desperate to sync my work outlook emails to my new HTC HD2 (its the main reason I got it)!
Anyone got any other ideas / know of any other applications?
Would really appreciate any suggestions.
Thanks in advance.
Yes, you can use a service called Seven.
Thanks for your response.
I've had a look and it seems this could do the job! Seems that the only way to get it was to join the beta programme which I've done but when I put my the vendor in it doesnt give me the HD2 as an option.
Any ideas what handset I should choose that will work with the HD2?!
I've also read compatibility issues with Manilla 2.5 in their forums. Has anyone managed to get this working successfully on an HD2? Also, are you able to move emails to your different folders using this app and have them sync with the exchange?
Is this the best / only app out there for my requirement?
Sorry for all the qus!
Thanks again.
ActiveSync uses OWA. Put in webmail server, username, password and works.
OWA still works, like afterburn said, i got my calendar, email and tsks to synch. lol now all my contacts are on my university email accounts, pretty cool tho.
no need for thirdparty, active sync does it.
dont know what OMA is. but what you want is exactly what OWA gives you.
dont set your owa using HCT SENSE/MANILA SETTINGS. do it through normal out look ad account way. HTC tick boxes for tasks, calendar and other stuff are greyed out and only email is available.
but on the standard outlook mobile all the settings are there.
need a run through of how to set it up?
Thanks for your responses guys.
OMA is office mobile outlook. It is a setting within the exchange server which either allows or disallows a mobile device to access emails through the mail app. Having OWA does not mean that you will be able to access your emails from a mobile device (except through the mobile browser).
Activesync uses OMA rather than OWA so at the moment I'm stuck!
As a result I need an app that syncs via OWA.
Seven seems to be able to do it but I could do with any answers to my qus above.
Happy to be proved wrong on this but one day it was all working fine and the next my exchage server settings had been changed and it stopped working.
Any exchange server admins on here who can confirm my thinking is correct?
Gooner4_1998 said:
I've also read compatibility issues with Manilla 2.5 in their forums. Has anyone managed to get this working successfully on an HD2?
Click to expand...
Click to collapse
I'm using Seven on HD2. There were compatibility problems with custom ROMs on other devices based on leaked Leo Manila.
Why don't you use Blackberry Connect on your Wm device? That way, you can sync the same way as Blackberry devices. Of course that requires you to have BB access rights, but since they are so BB happy, you may be able to get that.
You can get it here: http://www.htc.com/us/mobile/connect/8925/install/default.html
Of course it is not specific for the HD2, and I have no idea if it'll work, but it is worth a try.
BB connect sounds like a good idea, wasn't aware it was a possibility, thanks.
I actually have a BB from work so I know that I am set up for it. However, I work for a company that are very keen on security so there is no way they will give out the settings I would need (its set up by the IT department and then just given to you).
Is there any way to get the info / settings I need from my current blackberry? Ive had a look on it and can't see anything obvious.
Just checked through some documentation on BB connect and unfortunatley it requires that I install ActiveSync and BB Connect on a computer connected to my works network.
As I dont have admin rights on my work laptop I won't be able to do this (unless anyone knows how to install programs without being an administrator!).
Looks like Seven might be the bset solution!
Vangrieg, which handset did you choose to set up for the HD2?
Thanks
I admin an exchange server, the most common reason for OMA not working is if there isnt a valid ssl cert for the domain, but i can confirm that as you mentioned, it will deffo not work if mobile access is turned off on the user account (there are 2 seperate options for web and mobile access)
i dont see any decent reason why a server admin would disable it, he must be on a power trip or sommert!
Thanks lancemate.
Could the valid ssl cert be the reason even if others in my company are still able to access as before? Its only affecting me. I've set up one of my collegues mail accounts on my phone to see if it still worked and it did without any issues.
When I called IT they said they hadn't changed any of my settings so I had assumed that OMA was the issue. I asked them to check and to re-enable and they told me they were unwilling to even look at my settings!!! Our IT department has been moved to India which makes it even harder to get any help!
Could an ssl cert suddenly just expire?!
Is there anyway of me to get a valid ssl cert for the domain witout going through IT to see if this is the issue?!
Been doing some more research and want to see if getting an ssl certificate onto my phone will make it work. Absoloutely no idea if it will work but its the last thing I can think off!
Is it possible to download the SSL certificate from my OWA site?
If I double click on the padlock in the bottom left corner I can get the certificate details up on the "details" tab (although there are loads of files and I don't know what I'm looking at!). When I click "copy to file" the export wizard come up but I have no idea where to go from there!
Anyone able to offer any assistance please?
Also, I'm sure this is a stupid question but would I need to put this certificate on my phone or could I use a different one?!
Thanks
It cant be an SSL Cerificate issue if your Colleague's account works on your device.
It MUST be that OMA is disabled on your account or something else is horribly wrong. As mentioned above i cant see any reason why an Exchange administrator would disable OMA.
Can you connect to your account using activesync on a different device to check whether its the phone or settings on server side?
To help you with using Blackberry Connect as a possible solution here are some resources on how to run programs that require admin level on machines you havent been given admin rights to. Some methods cover your tracks completely and others simply let you create/amend and delete windows accounts and associated rights in whatever way you need.
i would suggest using the first link to create a bootable usb stick that loads a modified linux command prompt. You can then use this to give yourself local admin rights.
http://pogostick.net/~pnh/ntpasswd/
http://www.jms1.net/nt-unlock.shtml
http://internetbusinessdaily.net/how-to-hack-a-window-xp-admins-password/
I've tried to set up on 2 other phones, bith with no joy so I'm guessing its the server side rather than the phone.
Is there no way that its anything to do with the ssl certificate? Are they set up company rather than by user? Will my suggestion of putting a certificate on my phone definately not work (if I could even find out how to export it from OWA)?!
I also cant see why the OMA would have been diabled so thinking it must be something else!
Thanks
I share Gooner's concerns and look forward to finding a solution. 1) My company has not yet enabled mobile devices to sync via Outlook Web Access. 2) Blackberry Connect does not yet work on HD2. There is a thread for BBC on this very same forum.
I am confident that a solution will soon emerge for 1) and/or 2).
Audio Oblivion said:
It cant be an SSL Cerificate issue if your Colleague's account works on your device.
Click to expand...
Click to collapse
Well, sometimes you need to install the certificate manually on your device to make it work. That's the case where I work - we use a self-signed certificate.
I use zarafa as a direct replacement for exchange, it syncs my emails,calendars, contacts etc.
It allows push email as well.
Hi JMes
After looking around I have found it appears that there are 2 services that will allow you to sync a mobile device using OWA, even if it is not set up for OMA.
Seven - Currently in beta but others have had success with this service on an HD2. I believe that it will sync Calendar, Tasks and Email.
Emoze - Also allows you to check outlook via OWA and offers a free service or a paid for service. Paid for service allows you to remove the "sent from emoze" tag allows attachemnts to be sent up to 2mb (rather than 100kb). Think it costs 10 euros a year.
People
Since last week i had sleepless nights trying to get my direct push email , Global address book working with my exchange server. I tried everywhere but there was little to go on.
Few min back i got this going and the elation has quickly changed to sharing back to the forum.
And Yes , it has to do with installing certificate on the device. I checked with my Iphone and Android owning colleagues and they can do complete MS exchange server sync inspite of getting the certificate warning but not Microsoft. It seems they are crucifying their own lot only.
So this is how it starts -
- ask your admin for the certificate or else go to the web exchange address and on the address tab click on the lock sign which is displayed. This is the certificate you would need for your device. Click on the lock and copy the certificate thumbprint ( assuming you know how to make it into a .cer file). Install this .cer on device root and install. go to security tab - certificates on the deicce and make sure the certificate is shown as installed in there.
I guess this would do the job. Hope this dope might help some of you.
Cheers!
Shailen
I picked up the focus yesterday and have run into an issue syncing with Outlook/Exchange Server 2003. I receive the error code below after the email account setup runs for a bit, I get contacts and calendar entries, then a few emails before the error is returned (everytime I try to sync later as the msg suggests). I tried finding the error code referenced on MS Support/Forums, AT&T Samsung forums, and even xda developers with no luck.
I did try a hard reset (from settings) and then recreate the account and I tried removing the hub on the start screen and then deleted the account and recreate same error every time.
Samsung Tech Support suggested that I add the same Certificate on my Server to the phone, Did so - still, no luck.
Anyone see this error/issue?
Outlook Error
Not Updated
We're having a problem syncing your
information. Try again later.
Last tried about a minute ago
Erro code: 8500201C--------------------------------------------------------------------------------
Mine has worked flawlessly. Sounds like you did everything I would have suggested except return and get a replacement phone.
I had that problem. the cause of mine was to have the SSL turned on. After I created the account, I went to setting>email and choose the outlook account, clicked on advanced, then scrolled down and uncheck the SSL checkbox. All worked perfect after that. although I guess I am not super secure.. but anyone that wants to hack and read my email.. feel free pretty boring.
It is obviously a software issue. How can a replacement phone solve any problem.
If your exchange server does not use public certificates (the ones that your company has to pay for), or the certificate comes from some publisher that WP7 doesn't know about, it will be touch to set it up. For one, import the server certificates directly does not work. In the past with WM phones, MS suggests you need to import the root certificate instead. So, see if you can find the root certificate for it.
agreed - was able to get Corporate Store to allow me to try settings on another Focus, with same results.
can see the Folders on my Outlook (some are unique to my Exchange Server), so we know that we are nearly there. little more tweaking, and also, update to a new Server,
but, that might not be for week or so, so if anyone has solutions, would be much appreciated.
I had problems with mine and worked with our Exchange admin. We found it was the encryption part of our policies. Both Device and Storage card encryption parts of the policy have to be turned off. After some research this is correct and expected to be fixed in Early 2011 when Microsoft starts pushing this for business.
Oh it also does not support alphanumeric passwords at the moment:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/ee2ecd48-89bf-4e8c-b48e-553967517a4d
Here is the one about encryption:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/7c4329c9-9f51-4184-8f48-5d4bc5c6269e
cwiley2566 said:
Oh it also does not support alphanumeric passwords at the moment:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/ee2ecd48-89bf-4e8c-b48e-553967517a4d
Click to expand...
Click to collapse
That is really strange because my HTC Surround took my alpha numeric password just fine for my exchange email. Haven't had any issues with it at all.
Do you mean a password for the domain or the screen lock password? They are talking about the policy that requires a alpha numeric password (or not allowing simple passwords) for unlocking your screen. Our company allows simple passwords (just numbers) so I didn't see the problem.
We don't have a certificate,and all I had to do was go to advanced and turn off encrypted SSL connection ( I also have alphanumeric and symbol password for exchange)
I am referring to the screen lock policy in Exchange. Of course alphanumeric and symbol passwords for exchange/domain authentication will work.
Installing SSL Cert (quick and dirty)
Email your server's SSL cert to a GMail account. Hotmail blocks the attachment as an unsafe filetype.
Open the attachment and Phone7 should ask you if you want to install. Go back and set up your Outlook account.
Got mine working on Exchange 2003 even after the error messages
This happened to me as well. We have an Exchange 2003 server and what I did was go to "email and accounts" on the phone and went through the proccess and setup everything correctly but still got the error messages.
Now this is what fixed my issue (strange). I got out of the "email and accounts" and went into all programs list and opened "Outlook" , from there I put the settings in again for my account and presto, it just started working and syncing.
I did 2 phones likes this already and it works. Dont ask me how, but it does.
Hope this helps OP and anyone else using Exchange 2003.