Mobile devices stopped working
I have two people with mobile devices that were successfully using Active Sync for push email from a SBS 2003 server. They are at a branch office and I setup Exchange 2003 Standard on a Windows Server 2003 R2 (SP2) server at the branch office (all one AD domain and one Exch Org) so that they could have local email boxes. Exchange on the SBS 2003 server and the branch office server have SP2 for Exch 03 installed. I was able to move one mailbox over the WAN (a VPN), but the 2 users with push had mailboxes that were too big. So I backed up the 2 mailboxes to PST, deleted the mailboxes, created new mailboxes at the branch office, and restored the PST's.Internal and external email is flowing fine, but their push email (Active Sync) to their mobile devices is not working. One device is a Blackberry and the other I think is a Palm. What do I need to do to get them working again?
November 14th, 2009 1:25am
They'll have to delete their existing ActiveSync partnerships on their respective Mobile devices and recreate them with your OWA server since they have new mailboxes.
Free Windows Admin Tool Kit Click here and download it now
November 14th, 2009 1:48am
Thanks! I'll try it on Monday and report back.
November 14th, 2009 2:11am
You may need to reload the blackberry user on the BES server. Mark Morowczynski|MCT| MCSE 2003:Messaging, Security|MCITP:ES, SA,EA|MCTS:Windows Mobile Admin|Security+|http://almostdailytech.com
Free Windows Admin Tool Kit Click here and download it now
November 14th, 2009 6:25am
There is no BES server at the location...are you talking about something else? It is my understanding that they both were setup with Exchange Active Sync to their devices.
November 14th, 2009 6:02pm
You said you had a blackberry, that doesn't use ActiveSync at all.Mark Morowczynski|MCT| MCSE 2003:Messaging, Security|MCITP:ES, SA,EA|MCTS:Windows Mobile Admin|Security+|http://almostdailytech.com
Free Windows Admin Tool Kit Click here and download it now
November 14th, 2009 10:56pm
Might be thinking BIS. Either way, reset the profile on the device!
November 15th, 2009 12:30am
Hi,Please note blackberry has its own push technology. For Palm, some of the devices that are not compatible with Exchange. PalmPalm offers two smartphones that have the WindowsMobile 5.0 operating system. These devices support Direct Push. Palm also supportsExchangeActiveSync on the Treo 650 and 680 series smartphones. These devices do not support Direct Push. http://technet.microsoft.com/en-us/library/bb232162.aspxThanks,Elvis
Free Windows Admin Tool Kit Click here and download it now
November 16th, 2009 12:20pm
Thanks for the feedback. We are going to try deleting/removing their Exchange profile on their devices, then setting them up again. I'll everyone know.BTW, Direct Push is currently working on my Palm Pre.
November 17th, 2009 10:46pm
Any update on this? Mark Morowczynski|MCT| MCSE 2003:Messaging, Security|MCITP:ES, SA,EA|MCTS:Windows Mobile Admin|Security+|http://almostdailytech.com
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2009 4:01pm
Still working on it...working on (possibly) separate mail flow issue...I think I'll post another question.I did find an event log error on the main office server (SBS03):Event Type:ErrorEvent Source:Server ActiveSyncEvent Category:NoneEvent ID:3005Which from "http://eventid.net/display.asp?eventid=3005&eventno=2656&source=Server ActiveSync&phase=1" (you may need an account to see that page), I went to Exchange System Manager - Servers - <server> - Protocols - HTTP - Exchange Virtual Server, deleted "Microsoft-Server-ActiveSync" and then recreated it. Now I am not getting that error.I have not tried resetting the mobile devices since doing the above.
November 18th, 2009 11:38pm
I just found out that one of the devices is a Blackberry 9530 v4.7.0.148 (Platform 4.0.0.181). I can't find any info on the web about if is supports Exchange Active Sync (EAS). Anyone know if it supports EAS?
Free Windows Admin Tool Kit Click here and download it now
November 19th, 2009 8:48pm
It was probably was using BIS instead.
November 19th, 2009 9:05pm
There is no BIS on the network. I am not real familiar with the BlackBerry world...in order to use BIS, does BIS have to be on the corporate network?
Free Windows Admin Tool Kit Click here and download it now
November 19th, 2009 9:10pm
BIS is simply an app on the Blackberry device itself. It connects to the owa server and access the mail that way.http://na.blackberry.com/eng/support/software/internet.jsp
November 19th, 2009 9:19pm
Thanks for the info and link...it was very helpful! I am looking at that site and see how you can set up the Blackberry to utilize OWA. Is this the best way to setup a Blackberry to access an Exchange server?
The user said that she was trying to set it up...but I don't know exactly what she is doing. She said she could setup a user who has a mailbox on the Exchange server at the main office (her original Exchange server), but she cannot setup her user on her mailbox on the branch server (the server I moved her to). I installed Exchange at the branch office with default settings; is there something more that I need to configure on either server to enable mobile devices to access email on the branch office Exchange server?
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2009 12:40am
If she is using BIS, no, it simply connects to the OWA server like a client.Are you sure they arent using BES? THose are really the only 2 choices with Blackberry devices.
November 20th, 2009 12:42am
I thought I knew what BES was, but I looked it up on wikipedia to be sure. No, they have never had a BES server or BES software on their server.They do not have a public certificate loaded for OWA. OWA works, but you get the certificate error. Can I follow:http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB03133and get it to work without a public cert?Does BIS to OWA work well?
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2009 1:05am
OWA is not working like I think it should. The internal domain is domainname.local. So the FQDN of the server are mainserver.domainname.local and branchserver.domainname.local. Users have always been able to use OWA from outside the network by going to https://mail.domainname.com/exchange.When I try to access a mailbox located on the original Exchange server at the main office by going to https://mail.domainname.com/exchange, I can get on just fine. But when I go to the same web site to try and access a mailbox on the branch office Exchange server, it does not work. I installed the branch office server with default settings last week; is there something more that I need to do to enable access to mailboxes on the branch office Exchange server via OWA? I specifically want to keep the same URL, https://mail.domainname.com/exchange.
November 20th, 2009 3:21am
On Thu, 19-Nov-09 21:42:38 GMT, Andy David wrote:>>>If she is using BIS, no, it simply connects to the OWA server like a client.Are you sure they arent using BES? THose are really the only 2 choices with Blackberry devices. Blackberries also connect using IMAP and POP.---Rich MatheisenMCSE+I, Exchange MVP---
Rich Matheisen
MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2009 7:47am
On Thu, 19-Nov-09 21:42:38 GMT, Andy David wrote:>>>If she is using BIS, no, it simply connects to the OWA server like a client.Are you sure they arent using BES? THose are really the only 2 choices with Blackberry devices. Blackberries also connect using IMAP and POP.---Rich MatheisenMCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
<shudders>
November 20th, 2009 4:59pm
If you want to keep the same FDQN for the branch office, then you'll need to add a cert with that FQDN. Does the main office still use that FQDN? If not, then you can't use it on another machine for external access unless everyone is going through the main office's server and being proxied.
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2009 5:01pm
All: the OWA issue, while possibly related, seems like a separate issue so I am going to create a separate thread for it.Andy:Let me make sure I understand what you are saying. Are you saying that I will not be able to use BIS with OWA without a public cert? The answer may not be obvious because I have gotten 3 other phones to work without a cert (at a different company) all with EAS: an iPhone prompted but allowed me to go forward without a public cert...a Windows Mobile 6.1 phone and a Palm Pre worked after importing the self-signed (non-public) cert into the cert store on the phones.From what I have seen so far, I can setup the following on the Blackberry: BIS with OWA, IMAP, and POP; I can't use EAS and I can't use BES since I don't have it. Is there anything else? Recommendations?
November 20th, 2009 7:23pm
I got this from someone else: "When remote user try to access the mailbox on the additional Exchange server, the HTTP request is actually redirected to the internal URL of the additional Exchange server, then a second authentication is required. However, since remote user cannot access the internal URL for the additional Exchange server and they cannot receive the authentication request, this redirection is failed for the remote users. As a result, remove users cannot access the mailboxes which are on the additional Exchange server."So basically, before the mobile devices will work, I have to get OWA working. Since the two offices are connected over the internet via a VPN, the branch office has an external IP address. So I created a DNS entry of 'branchofficeservername.externaldomainname.com' to the external IP address, and opened port 443 on the firewall. To setup OWA on SSL, I followed this:http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
Now when I go to 'https://branchofficeservername.externaldomainname.com/exchange', it comes up with the certificate error (expected), but does not go further (not expected). The main office server continues to work ('https://mainofficeservername.externaldomainname.com/exchange'), and logging onto the main office server and going to 'https//mainofficeservername/exchange' also works. On the branch office server, going to 'https://branchofficeservername/exchange' does NOT work, so I am pretty sure I configured something wrong on the branch office server.
Free Windows Admin Tool Kit Click here and download it now
November 23rd, 2009 9:41pm
I thought that I must have done something wrong and I needed another set of eyes to take a look at it I decided to call Microsoft PSS about this issue.It was my mistake. It was incorrect directory security settings on the Default Web Site and an incorrect self-signed certificate. After fixing OWA, I got off the phone with the Microsoft engineer. I went over to the client to setup their devices. The person with the BlackBerry had gone for the day, but I am sending her a link to web site she can try.I tried to setup the other persons device. I tried to export the certificate (see attached document in the email that I BCC you) and import it on his device which seemed to work. However, the Exchange sync did not work, erroring out on the certificate. EAS was working on this device when this persons mailbox was on the main office server (SBS 2003). The main office server also has a self-signed certificate. At sometime in the past, someone else (not me) exported the certificate for the main office server (SBS 2003) and imported onto his device. It is in the root certificate store on his device. When I imported the certificate for the branch office into his device, it automatically imported to the intermediate certificate store. Does it need to be in the root store? If so, how do I get it in the root store and not the intermediate store?He has the following device:Palm Treo 800w (Sprint)Windows Mobile 6.1 professionalCE OS 5.2.19216 (Build 19216.1.0.5)
November 25th, 2009 7:47am