1 Reply Latest reply: Feb 4, 2011 11:09 PM by Seedomang
eloff Level 1 (0 points)
Hi I am having a huge amount of trouble getting an IPhone 4 to use active sync with Exchange 2003 SP2 backend exchange. I have trawled through loads of forums and I have tried many things like all of this article:
http://technicians-blog.kingcomputer.com.au/exchange-server-activesync-connectiv ity-testing-for-iphone-not-working/ with no avail. When I use the tools offered by Microsoft such as https://www.testexchangeconnectivity.com/ I this error:
Testing HTTP Authentication Methods for URL https://email.domainame.co.nz/Microsoft-Server-Activesync/.
The HTTP authentication test failed.

I have also tested using the ActiveSyncTester.exe by Accessmylan and this throws an error:

Checking for application ................. OK
Checking version ......................... FAIL

ActiveSync is NOT available on this server.

I have opened up port 80 and 443 on the firewall and I have taken the certificate out and tried and I have also tried a self signed certificate with the email.domainname.co.nz and installed the pub key on the device to no avail. I don't think the certificate is the issue.

I have deactivated forms based authentication.

In the exchange 2003 SP2 server, server logs it does not log anything.

We have reset the network settings on the device itself.

we have pretty much tried everything people have suggested on the web.

Not sure what else we can try so if anyone has any ideas please let us know????

There must be something basic we have missed....

The device just shows Exchange Account verification failed error message.

IPhone, iOS 4, Server 2003 and Exchange 2003
  • Seedomang Level 1 (0 points)
    Why are you attempting a sync with the backend?
    The exchange back end implies that you have a front end server.

    By design Microsoft does not suggest that your backend servers ever touch the public Internet through a nat firewall period.
    The front end is the exposed server through ssl and https: one in the same.
    To be exact ms suggests that the front end be in a dmz with an ISA server in front of it to protect you fully.

    The web server does all the work here. Through ssl and the network active directory users name and password is what is needed to connect the iPhone and iPad to your exchange front end server through owa.

    Also it is implied that you have and know your fqdn for your front end server to mask the actual server name.

    If your server roles are a true front end back end solution this is what you do. Exposing the backend is not a good idea.

    The front end server takes the info from the backend server as needed and puts that info in a streaming database for optimized web usage. This is why the front end is designed separate. If you are using owa through the backend only then it is just an exchange server.

    I have designed my company exchange solution and this is-what works.

    Exchange 2003 sp2 backend cluster
    Exchange 2003 front end web server owa to be exact
    Certificate installed
    Forms based authentication and ssl
    Exchange active sync enabled
    Outlook mobile access

    That's all