Re: can access oma via browser, but mobile device won't work
- From: jogdial <jogdial@xxxxxxxxx>
- Date: Fri, 21 Sep 2007 05:09:08 -0700
On 21 Sep, 02:08, "Claus" <cjo...@xxxxxxxxxxxxx> wrote:
I'm afraid it will be very difficult to figure out what is wrong. SBS is a
very special integrate system and if you change configurations to match your
work setup (front/back end) and didn't keep track of the changes I don't
even know where to start.
I have kept very clear track of changes and when something doesn't
work backed it out.
We have clients with larger networks and Exchange
clusters and the first thing I learned many years ago when getting into the
SBS world is:
Use the Wizards!
The system was originally set up using the wizards, thats why oma and
exchange-oma virtual directory is there. It didn't work... that's why
I attempting to make it work.
The "weird stuff" that you quoted in your first paragraph is part of the
integration and internal redirection of the different components. Do you
remember the address that was there?
There were two addresses allowed there. the localhost loopback,
127.0.0.1 and the ip address of the server, 192.168.10.5. So these
two addresses were the only addresses allowed to connect to the oma
virtual directories/applications. I have run the wizard and these
addresses are now back in there. Strangely, I can still connect to
the oma virtual dir with my browser, so apparently this is going thru
a loop back of some sort... whatever, my mobile device still can't get
the data.
The oma application is there and set up by the wizard. The exchange-
oma virtual directory is there and it has been set up by the wizard.
The registry key HKLM\SYSTEM\CurrentControlSet\Services\MasSync
\Parameters\ExchangeVDir points to /exchange-oma - (this was put
there by the wizard) links them as per KB articles say they should
be. Everything looks exactly like it should.... however, I am still
getting the error when I restart WWW services in the applicaition log
from Active sync
As per artical 215383, my negotiate security header was not set. I
issued the said commmands and it now returns the correct security
header.
I have now double checked that I can access https://myserver.mydomain/oma
from external source through the firewall, so I also know it is not a
firewall problem.
I find it hard to believe that this isn't a fix to this problem and
that I am supposed to rebuild the server to fix this... when it was a
clean build and I used the wizards in the first place... what
guarantee do I have it's going to work next time? I'm willing to try
just about anything, but I have followed every KB article, checked all
and I'm really getting squat for any information back in log files or
event viewers etc... surely there has to be a better answer than
cross your fingers and rebuild, not to mentioon that's like a full
days work and as it's my wife's company, that's a full WEEKEND day -
unpaid :-)
Thanks
Bill
I'm not quite sure what to suggest but if one of my people came to me with
this I probably would tell him to flatten the box and start from scratch.
I'm sure that's not what you would like to hear but as well as the SBS
works, once it's messed up, it's very difficult to get it back to smooth
sailing.
--
Claus"jogdial" <jogd...@xxxxxxxxx> wrote in message
news:1190318881.143077.172490@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Ok, I've been through ALL the KBs on this. I actually have this
working at my company using a frontend/backend exchange config and all
our users get their exchange accounts perfectly. Using Windows Mobile
and Mail For Exchange Nokia package.... so now trying to set it up for
my wife's company who use SBS with exchange 2003 all patches applied
and I can't get it to work. Found a bunch of weird stuff, like under
the oma properties and exchange-oma properties directory security, ip
address and domain name restrictions had deny to all but and an one ip
address on our internal network that nobody has (I set this up from
scratch, where the hell did that come from) but anyway, finally got
to the point where I could go to my browser, type in
https://exchange.mydomain.com/oma
and the little mini menu comes up and I can browse it (said my device
wasn't supported) and all is fine. But when I try to access it with
my mobile device, I get a server error, try again later. This is SBS,
in the application log I am getting
Event Type: Error
Event Source: Server ActiveSync
Event Category: None
Event ID: 3031
Date: 20/09/2007
Time: 16:59:47
User: mydomain\billd
Computer: META
Description:
The mailbox server [META.mydomain.local] does not allow "Negotiate"
authentication to its [/exchange-oma] virtual directory. Exchange
ActiveSync can only access the server using this authentication
scheme. For information about how to configure Exchange virtual
directory settings, see Microsoft Knowledge Base article 817379,
"Exchange ActiveSync and Outlook Mobile Access errors occur when SSL
or forms-based authentication is required for Exchange Server
2003" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=817379). For
information about how to properly configure IIS to support Kerberos
and NTLM authentication, see Microsoft Knowledge Base article 215383,
"How To Configure IIS to Support Both Kerberos and NTLM
Authentication" (http://go.microsoft.com/fwlink/?
linkid=3052&kbid=215383). This issue may occur after installing
Windows SharePoint Services on a server running Exchange Server 2003.
For information about how to properly configure a server to run both
Windows SharePoint Services and Exchange Server 2003, see Microsoft
Knowledge Base article 823265, "You receive a "Page not found" error
message when you use Outlook Web Access (OWA) to browse the Exchange
Server 2003 client after you install Windows SharePoint
Services" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=823265).
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
At the end of the KB, it says:
Note If the server is Microsoft Windows Small Business Server 2003
(SBS), the name of the Exchange OMA virtual directory must be exchange-
oma.
The integrated setup of Microsoft Windows Small Business Server 2003
creates the exchange-oma virtual directory in IIS. Additionally, it
points the ExchangeVDir registry key to /exchange-oma during the
initial installation. Other SBS wizards, such as the Configure E-mail
and Internet Connection Wizard (CEICW) also expect the virtual
directory name in IIS to be exchange-oma.
So I can't really do what the KB says without deleting what is alread
there... and I don't understand what recreating this would do. I will
delete the virtual and recrate as per KB if someone would tell me it
works and why... but geeesh, this is driving me crazy. Why can i
access it via the browser, but my device fails? I have tried two
mobile devices (both of which work on my work server... and the cert
is from the same root auth and the root thingy ... sorry, I'm getting
a bit brain dead now, but the two setups are so identical other than
one is frontend/backend and the other is sbs... )
I don't actually get an error message in the logs when I try to sync.
It does connect, no authentication problems on the mobile device...
but then just says server failed after a while. I only get the above
message about the authentication thing .. yes I have gone in and
enabled the ntlm authentication using the script as per another KB.
and it says it is good, when I restart the WWW service.
I have compared the two sites and everything is identical. I AM SO
FRUSTRATED... ready to throw the fone out the window.
I'm sorry if this is a bit garbled, but I have spent two whole days
following KBs and at this point can't seem to get any furhter. Port
443 and 80 are allowed thru the firewall, no restrictions... once
again, I can get at OMA with my browser thru the firewall and browse
the minimenu thingy fine.
Can anyone tell me what I should look for next?- Hide quoted text -
- Show quoted text -
.
- Follow-Ups:
- References:
- Prev by Date: Re: Domain Admin can not access c$ share from server to clients HELP!!!!
- Next by Date: Re: Access to only two internet websites
- Previous by thread: Re: can access oma via browser, but mobile device won't work
- Next by thread: Re: can access oma via browser, but mobile device won't work
- Index(es):
Relevant Pages
|
Loading
