Jump to content

Exchange Server Authentication

Guest Mr.Clark

By Guest Mr.Clark
in Universal - Universal.MoDaCo.com

 Share

Recommended Posts

Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

I've just got my shiny new XDA-Exec. Hurrah!

Now I'm trying to connect to the work Exchange server.

I've done this scores of times on WM2003 devices. Install the certificate, run "certchk.exe off" and then go. And it works. 10 times out of 10.

With me Exec, things become a little more unclear. Certchk doesn't work.

After long googling, I find this

go to

HKEY_CURRENT_USER/Software/Microsoft/ActiveSync/Partners/

3. press \"Values\" key (then you see calendarfolderit,

clientnegotiated,......)

4. press Menu, new value,dword insert values (value name=secure value

data=0)

Value name= secure

Valu data = 0

This does something, since without this, I get an invalid certificate error.

With this, I get prompted for my Exchange password. I give it, tick the "remember" box, and hit Done. Then it asks for the password again. And again. And again. Ad infinitum.

What's up with this? Anyone seen anything like it before?

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

A bit of playing around has confirmed that it's not a user account setting, it's either an Exchange setting (I can't see one... mobile devices are enabled, and the 2003 devices work fine) or a WM05 setting.

The actual error is "please correct your exchange server password", but I'm certain it's correct. I've checked with another user, and they get the same message with their username/password.

Someone else must have had something similar :?

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted

I've been told that it *should* work when MSFP is released on Monday and to wait until then before tearing my hair out....

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted (edited)

This Monday?

What is MSFP?

*getting a little hopeful*

EDIT: MSFP - Messaging & Security Feature Pack for Windows Mobile 5.0

Edited by Mr.Clark
Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted

The release of the IQ has been put back to NEXT monday (the 17th) so I don't know if MSFP (Messaging and Security Feature Pack otherwise known as AKU2) will be released tomorrow as originally planned or if they will hold it back until next monday.

Link to comment
Share on other sites
Guest Monolithix [MVP]

Guest Monolithix [MVP]

Posted
Posted

Why do i remember seeing somewhere that certchk isnt used in WM5 any more...? *niggling feeling*

Incedentally when i set up my jasjar with my exchange server i had a similar password problem, turned out i'd created the account, added a password, then later set up some password policies - which my account did not meet. Updated the password and all was well...

As for installing the cert - i just exported it from my server and installed it on the jasjar, sorted...

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted
The release of the IQ has been put back to NEXT monday (the 17th) so I don't know if MSFP (Messaging and Security Feature Pack otherwise known as AKU2) will be released tomorrow as originally planned or if they will hold it back until next monday.

So did this arrive?

I've been watching the MS site, but can't be 100% sure... :?:

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted (edited)

The update hasn't been released yet ;)

It should appear on O2's site (not MS) but i've just looked for the link and can't find it as they seem to have changed there site...

I should be informed as soon as it is available and will post a link when I get it.

[Edit] Link is here but software not available yet.

HTH

Edited by Confucious
Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

So they've released the Atom, but not the AKU2 update for the Exec?

They're jsut as bad as Orange were with their C500 ROM updates ;)

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted (edited)

Just checked:

Xda Exec ROM - the Xda Exec System Software

The latest Xda Exec System Software is available for you to download. New and changed in this version of software, v1.30.162 are:

*

Microsoft AKU 2 (Adaptation Kit Update) featuring:

Microsoft Messaging and Security Feature Pack (MSFP)* allowing Direct Push Email, Wireless Calendar, Contacts, Tasks, Global Address List (GAL) Lookup and Security Policies.

* Requires organisations to be running Microsoft Exchange Server 2003 and SP2. Please contact your company IT Manager to confirm your infrastructure and for assistance with setting up your device for direct push email.

* Updated Comm Manager, providing new buttons for controlling Direct Push Mail and active Data connections.

* Updated Radio v1.09.00

* Updated CE image v1.30.107

[Edit] Although the example Phone number is +44 123456789 the number needs to be entered without any spaces eg +441234567890 [/Edit]

Edited by Confucious
Link to comment
Share on other sites
  • 4 weeks later...
Guest Confucious

Guest Confucious

Posted
Posted

I had to get a free SSL cert and then install it on my exec and server. Or rather, a friend who knows what he's doing did it for me...

Link to comment
Share on other sites
  • 3 months later...
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

Yes, we've generated our own, and they're installed on the devices. If I don't do the little reg hack at the beginning, it throws a message saying "The security certificate on the server is invalid"

If you do the tweak, it repeatedly asks for the password, even through it's correct.

Link to comment
Share on other sites
Guest Paul (MVP)

Guest Paul (MVP)

Posted
Posted

The reg tweak is turning SSL off isn't it, so if the server is set to require it, it'll b0rk?

Sounds like the cert isn't installed on the device correctly?

If it is, you shouldn't need to reg tweak I think?

P

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted
The reg tweak is turning SSL off isn't it,
I don't think so, I think it's disabling checking the server's certificate (which is why it gets further than a "No" response

Sounds like the cert isn't installed on the device correctly?

If it is, you shouldn't need to reg tweak I think?

P

I only know one way of installing a certificate... you click on it and it installs. It's in the Root list.

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted
I still haven't got this fixed. :D

However, we now have 5 corporate M5000s, 4 M3100s and 4 C600s, all of which need to connect to the Exchange server.

Is the free SSL certificate from somewhere like http://cert.startcom.org/ ?

Yup mine came from Startcom but the cert then had to be made into a cab to install on the phone.

The other thing that caused problems was he had to manually create

root certs for FreeSSL primary and Startcom intermediate on my server

HTH

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

That'll piss Orange off if we go that route... I just got them to generate signed cabs for the smartphones using our existing certificates.

I don't get why we can't just use our certificate. I KNOW what the site is... it's ours! I don't care who doesn't trust it. We control the site, and the devices.

ARG! *choking gestures*

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted
That'll piss Orange off if we go that route... I just got them to generate signed cabs for the smartphones using our existing certificates.

I don't get why we can't just use our certificate. I KNOW what the site is... it's ours! I don't care who doesn't trust it. We control the site, and the devices.

ARG! *choking gestures*

Maybe you don't trust yourself? hehe

Link to comment
Share on other sites
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

Actually, you're not far off.

It turns out, as well as installing the certificate for the server, I also had to get a higher level certificate (Don't ask, I didn't know it was there) and take bits of that new one, turn it into a _setup.xml file and make it into a .cab file, then install it onto the PPCs. This has now enabled all of them to sync with our exchange server, even mine! The exceptions are the C600s, as I have to send the XML file off to Orange, so they can make it into a signed cab for the smartphones.

Many thanks to all for your help! :D:D

Link to comment
Share on other sites
  • 2 weeks later...
Guest Mr.Clark

Guest Mr.Clark

Posted
Posted

Can I ask a stupid question?

Push email... is that where you set the schedule in ActiveSync to sync "as items arrive"?

If so, that's great, all done, and working :rolleyes:

Link to comment
Share on other sites
Guest Confucious

Guest Confucious

Posted
Posted
Can I ask a stupid question?

Push email... is that where you set the schedule in ActiveSync to sync "as items arrive"?

If so, that's great, all done, and working :(

Yes

And congratulations! :rolleyes:

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept