Guest Mr.Clark Posted March 30, 2006 Report Posted March 30, 2006 I've just got my shiny new XDA-Exec. Hurrah! Now I'm trying to connect to the work Exchange server. I've done this scores of times on WM2003 devices. Install the certificate, run "certchk.exe off" and then go. And it works. 10 times out of 10. With me Exec, things become a little more unclear. Certchk doesn't work. After long googling, I find this go to HKEY_CURRENT_USER/Software/Microsoft/ActiveSync/Partners/ 3. press \"Values\" key (then you see calendarfolderit, clientnegotiated,......) 4. press Menu, new value,dword insert values (value name=secure value data=0) Value name= secure Valu data = 0 This does something, since without this, I get an invalid certificate error. With this, I get prompted for my Exchange password. I give it, tick the "remember" box, and hit Done. Then it asks for the password again. And again. And again. Ad infinitum. What's up with this? Anyone seen anything like it before?
Guest Mr.Clark Posted April 5, 2006 Report Posted April 5, 2006 A bit of playing around has confirmed that it's not a user account setting, it's either an Exchange setting (I can't see one... mobile devices are enabled, and the 2003 devices work fine) or a WM05 setting. The actual error is "please correct your exchange server password", but I'm certain it's correct. I've checked with another user, and they get the same message with their username/password. Someone else must have had something similar :?
Guest Confucious Posted April 7, 2006 Report Posted April 7, 2006 I've been told that it *should* work when MSFP is released on Monday and to wait until then before tearing my hair out....
Guest Mr.Clark Posted April 9, 2006 Report Posted April 9, 2006 (edited) This Monday? What is MSFP? *getting a little hopeful* EDIT: MSFP - Messaging & Security Feature Pack for Windows Mobile 5.0 Edited April 9, 2006 by Mr.Clark
Guest Confucious Posted April 9, 2006 Report Posted April 9, 2006 The release of the IQ has been put back to NEXT monday (the 17th) so I don't know if MSFP (Messaging and Security Feature Pack otherwise known as AKU2) will be released tomorrow as originally planned or if they will hold it back until next monday.
Guest Monolithix [MVP] Posted April 10, 2006 Report Posted April 10, 2006 Why do i remember seeing somewhere that certchk isnt used in WM5 any more...? *niggling feeling* Incedentally when i set up my jasjar with my exchange server i had a similar password problem, turned out i'd created the account, added a password, then later set up some password policies - which my account did not meet. Updated the password and all was well... As for installing the cert - i just exported it from my server and installed it on the jasjar, sorted...
Guest Mr.Clark Posted April 12, 2006 Report Posted April 12, 2006 The release of the IQ has been put back to NEXT monday (the 17th) so I don't know if MSFP (Messaging and Security Feature Pack otherwise known as AKU2) will be released tomorrow as originally planned or if they will hold it back until next monday. So did this arrive? I've been watching the MS site, but can't be 100% sure... :?:
Guest Confucious Posted April 12, 2006 Report Posted April 12, 2006 (edited) The update hasn't been released yet ;) It should appear on O2's site (not MS) but i've just looked for the link and can't find it as they seem to have changed there site... I should be informed as soon as it is available and will post a link when I get it. [Edit] Link is here but software not available yet. HTH Edited April 12, 2006 by Confucious
Guest Mr.Clark Posted April 18, 2006 Report Posted April 18, 2006 So they've released the Atom, but not the AKU2 update for the Exec? They're jsut as bad as Orange were with their C500 ROM updates ;)
Guest Confucious Posted April 19, 2006 Report Posted April 19, 2006 (edited) Just checked: Xda Exec ROM - the Xda Exec System Software The latest Xda Exec System Software is available for you to download. New and changed in this version of software, v1.30.162 are: * Microsoft AKU 2 (Adaptation Kit Update) featuring: Microsoft Messaging and Security Feature Pack (MSFP)* allowing Direct Push Email, Wireless Calendar, Contacts, Tasks, Global Address List (GAL) Lookup and Security Policies. * Requires organisations to be running Microsoft Exchange Server 2003 and SP2. Please contact your company IT Manager to confirm your infrastructure and for assistance with setting up your device for direct push email. * Updated Comm Manager, providing new buttons for controlling Direct Push Mail and active Data connections. * Updated Radio v1.09.00 * Updated CE image v1.30.107 [Edit] Although the example Phone number is +44 123456789 the number needs to be entered without any spaces eg +441234567890 [/Edit] Edited April 19, 2006 by Confucious
Guest Mr.Clark Posted April 21, 2006 Report Posted April 21, 2006 I've just upgraded to the new ROM and I'm getting the same error. Guess I'll have to stick SP2 on the Exchange server tonight...
Guest Confucious Posted May 17, 2006 Report Posted May 17, 2006 I had to get a free SSL cert and then install it on my exec and server. Or rather, a friend who knows what he's doing did it for me...
Guest Mr.Clark Posted September 12, 2006 Report Posted September 12, 2006 (edited) I still haven't got this fixed. :D However, we now have 5 corporate M5000s, 4 M3100s and 4 C600s, all of which need to connect to the Exchange server. Is the free SSL certificate from somewhere like http://cert.startcom.org/ ? Edited September 12, 2006 by Mr.Clark
Guest Paul (MVP) Posted September 12, 2006 Report Posted September 12, 2006 You can generate one yourself IIRC as long as you are able to install it on the device and the server. Do you have an SSL cert on the Exchange server already? P
Guest Mr.Clark Posted September 12, 2006 Report Posted September 12, 2006 Yes, we've generated our own, and they're installed on the devices. If I don't do the little reg hack at the beginning, it throws a message saying "The security certificate on the server is invalid" If you do the tweak, it repeatedly asks for the password, even through it's correct.
Guest Paul (MVP) Posted September 12, 2006 Report Posted September 12, 2006 The reg tweak is turning SSL off isn't it, so if the server is set to require it, it'll b0rk? Sounds like the cert isn't installed on the device correctly? If it is, you shouldn't need to reg tweak I think? P
Guest Mr.Clark Posted September 12, 2006 Report Posted September 12, 2006 The reg tweak is turning SSL off isn't it,I don't think so, I think it's disabling checking the server's certificate (which is why it gets further than a "No" response Sounds like the cert isn't installed on the device correctly? If it is, you shouldn't need to reg tweak I think? P I only know one way of installing a certificate... you click on it and it installs. It's in the Root list.
Guest Confucious Posted September 12, 2006 Report Posted September 12, 2006 I still haven't got this fixed. :D However, we now have 5 corporate M5000s, 4 M3100s and 4 C600s, all of which need to connect to the Exchange server. Is the free SSL certificate from somewhere like http://cert.startcom.org/ ? Yup mine came from Startcom but the cert then had to be made into a cab to install on the phone. The other thing that caused problems was he had to manually create root certs for FreeSSL primary and Startcom intermediate on my server HTH
Guest Mr.Clark Posted September 12, 2006 Report Posted September 12, 2006 That'll piss Orange off if we go that route... I just got them to generate signed cabs for the smartphones using our existing certificates. I don't get why we can't just use our certificate. I KNOW what the site is... it's ours! I don't care who doesn't trust it. We control the site, and the devices. ARG! *choking gestures*
Guest Confucious Posted September 12, 2006 Report Posted September 12, 2006 That'll piss Orange off if we go that route... I just got them to generate signed cabs for the smartphones using our existing certificates. I don't get why we can't just use our certificate. I KNOW what the site is... it's ours! I don't care who doesn't trust it. We control the site, and the devices. ARG! *choking gestures* Maybe you don't trust yourself? hehe
Guest Mr.Clark Posted September 13, 2006 Report Posted September 13, 2006 Actually, you're not far off. It turns out, as well as installing the certificate for the server, I also had to get a higher level certificate (Don't ask, I didn't know it was there) and take bits of that new one, turn it into a _setup.xml file and make it into a .cab file, then install it onto the PPCs. This has now enabled all of them to sync with our exchange server, even mine! The exceptions are the C600s, as I have to send the XML file off to Orange, so they can make it into a signed cab for the smartphones. Many thanks to all for your help! :D:D
Guest Confucious Posted September 13, 2006 Report Posted September 13, 2006 Great stuff! Well done and welcome to the world of push email! :D
Guest Mr.Clark Posted September 25, 2006 Report Posted September 25, 2006 Can I ask a stupid question? Push email... is that where you set the schedule in ActiveSync to sync "as items arrive"? If so, that's great, all done, and working :rolleyes:
Guest Confucious Posted September 25, 2006 Report Posted September 25, 2006 Can I ask a stupid question? Push email... is that where you set the schedule in ActiveSync to sync "as items arrive"? If so, that's great, all done, and working :( Yes And congratulations! :rolleyes:
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now