• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA blocks activesync after renaming user

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA blocks activesync after renaming user Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA blocks activesync after renaming user - 21.Jun.2010 4:50:18 AM   
guyhorn

 

Posts: 3
Joined: 7.Oct.2009
Status: offline
Exchange 2007 activeSync & ISA 2006 problem.

After changing the UserPrincipalName and the SamAccountName the ISA server blocks activeSync communication to the Exchange Client Access Server.


I have Exchange 2007 and ISA 2006 Configuration. Both perform Outlook web access and activeSync. For active sync I use client certificate on the mobile device. The ISA server performs Kerberos constraints delegation. The IIS web site on the CAS server is configured to accept Widows integrated access. The activeSync policy is configured to accept blank password and to accept client certificates. (Odd, there is no option there to accept Windows integrated, but it works).

Log
1. I made a user named rename. In the ISA i made an ISA-item-group named ActiveSyncUsers and added ‘renamer’ to it. Then i allowed only this group to use / pass the activeSync rule. Everything Works OK.
2. I changed the SamacoountName and the UPN to g.renamer.h. I added a new domain suffix; noorderpoort.nl and assigned it to the user. The original one is noorderpoort.lan. Then i enrolled a new certificate for the user and imported it to the mobile device account. Now the ISA deny communication from ‘renamer’ to the CAS server. I looked at the group membership of ActiveSyncUsers and ‘renamer’ is displayed as g.renamer.h.
3. After renaming the user again ‘renamer’ he is able to communicate again.

< Message edited by guyhorn -- 22.Jun.2010 4:43:16 AM >
Post #: 1
RE: ISA blocks activesync after renaming user - 6.Sep.2010 4:54:24 AM   
gazy007

 

Posts: 43
Joined: 29.Aug.2008
Status: offline
Was your active sync working before as I have trying to make it work with my Iphone and it kept failed it was working on exchange 2003 SSL certificate but when I installed a new server for test purposes exchange 2007 since then it stopped working on my Iphone and I did import new certificate published owa and it works but not OMA.

(in reply to guyhorn)
Post #: 2
RE: ISA blocks activesync after renaming user - 6.Sep.2010 6:06:02 AM   
gazy007

 

Posts: 43
Joined: 29.Aug.2008
Status: offline
I have got mine working as UPN should not make difference as only publish oma rule that include listners and it should match with Exchange OMA external site.

(in reply to gazy007)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA blocks activesync after renaming user Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts