I have got OWA and RPC over HTTP working with much thanks to Tom's articles, and now I am tackling ActiveSync. I believe I can use the same listener, so that is how I have it setup. I used the Exchange Publishing Wizard and checked the box for ActiveSync. After the rule was created, I setup the HTTP filter according to Microsoft's info here: http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/firewall-exchange2003.mspx When I connect with my Motorola Q, I get the same error message reported around the internet that users syncing via USB got when using ActiveSync 4.1. ActiveSync 4.2 solved that problem for them, but I'm not going via USB so that's not the issue. ActiveSync on the Q reports an error code of 0x85010014. ISA logs show a denied connection to my ActiveSync rule with an Error Information 0x800 and Client Agent MSFT-SPhone/5.1.2400. I did get ActiveSync to work accidentally when trying to make OWA work without having to enter the /exchange at the end of the URL by changing my OWA policy's Path tab to have one line item set as Internal Path = /* and External Path <same as internal>. This way I could manually perform a sync via the OWA rule and it would work. However, Direct Push was not working and I believe this is because it wasn't going through the Microsoft-Server-ActiveSync folder. Any ideas to resolve this would be appreciated. Thanks in advance!
I've found some interesting and confusing things today.
1. I get the same error message trying to sync with the Exchange server (not through Outlook) via ActiveSync 4.2 with the USB cable and I get the same error, so it doesn't seem like a problem with my smartphone or with the version of ActiveSync on my PC.
2. I installed ActiveSync 4.5 Beta 2 to see what would happen. When I configure my server source in the program on the PC, I first get an error message box saying an Exchange server could not be detected via the hostname I entered. The hostname is the same internal as external with my split DNS and which is accessible via RPC over HTTP and OWA, pointing to my ISA server, so I'm not sure why it cannot detect the presence of Exchange at that location.
3. I can Retry or Contine from the message above, so when I Continue and have it try to sync, my Q gives me the error message "Your Internet connection is not configured properly. Please verify your settings in Data Connections." From the ActiveSync app on my PC I now get error message 85002003. This site tells me that this error code means "The device timed out while waiting to establish a connection with the server. Try again later. Ensure device is able to browse Internet sites." http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php?sort=WM2002_2003_Error%20desc Not very helpful. However, it does talk about many things in relation to the original message, 85010014. It hints that SSL is not supported with Exchange ActiveSync in parts, but talks about making SSL work in others, so I must assume it used to not work but now it does with with either Exchange SP2 or as of a version of ActiveSync on the PC or maybe with Windows Mobile 5.0???
4. This Microsoft KB article 817379 dates October 27, 2006 states also that Exchange ActiveSync doesn't support SSL. That seems quite strange to me. When I try to configure my Q for a non-SSL connection, it gives me a nasty warning about clear text password sent over the internet, and rightly so. http://support.microsoft.com/default.aspx/kb/817379/en-us
So does anyone know if Exchange ActiveSync or OMA supports SSL connections? If so, I must be misunderstanding the KB article.
< Message edited by Ben Davis -- 13.Nov.2006 4:39:57 PM >
=-=- [14/11/2006 8:35:58.0] -=-= =-=-=-= Server Response =-=-=- HTTP/1.1 500 ( The request was rejected by the HTTP filter. Contact the server administrator. )
In checking over my HTTP filter for my ActiveSync rule, I found that on the Signatures tab that I had entered a forward slash for one of my signatures instead of a backslash, thereby blocking all web requests. Changed it to a backslash and voila! Works like a charm.
Now my problem with this is why didn't the ISA server log show this error message? I've seen messages in the logs about requests being blocked because of the HTTP filter before when I've messed up the Signatures tab. Why didn't it tell me this time?