• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

iphone + SBS2003 R2

J

James Hurrell

#1
I have a user that has come to me today and said he needs to sync his
brand new iPhone with Exchange. I know that I could enable IMAP and get
him synching mail that way, but he would also like Contacts and
Calendar, hence the built in Exchange route.

I've read a lot about this on the web and it seems that the sticking
point is usually the self-signed cert that the iPhone doesn't like.

I have OMA enabled via CEICW and that works fine in a browser. The user
fills in the necessary details on the iPhone and the message he gets is
this when he attempts to complete the Exchange account setup:

Unable to verify certificate
The certificate from BLAH for account BLAH could not be verified.

I've read that some people have had success by manually installing the
cert on the iPhone, but I wondered if it wouldn't be a whole lot easier
just to get myself a third party trusted certificate and install that in
SBS and avoid the whole "certificate" issue on the iPhone? What do you
think?

I have found this, which is good:

http://blogs.technet.com/sbs/archiv...party-ssl-certificate-on-iis-on-sbs-2003.aspx

But can anyone tell me what is the preferred way to remove the existing
self-signed cert before I install the third party? Should i run the
CEICW and opt NOT to generate a cert?

And lastly, who should I get my cert from?
 
L

Leythos

#2
In article <uZ5$RcNpKHA.1892@newsgroup>, James Hurrell
says...

> Unable to verify certificate
> The certificate from BLAH for account BLAH could not be verified.
>
Use the web browser to connect, accept the certificate, that's all it
takes.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 
R

Robbin Meng [MSFT]

#3
Hello James,

Thanks for your post and Bill and Leythos's input.

I am not famillar with iPhone configuration, however AFAIK and based on others' feedback, the SBS 2003 self-assigned certificate should works for iPhone devices to connect
to SBS server. Here are some articles you may refer to:


iPhone and Microsoft Exchange Server
http://images.apple.com/iphone/enterprise/docs/iPhone_MS_Exchange.pdf

Regarding how to set Activesync settings in iphone, you can refer to the following article.
http://support.apple.com/manuals/en_US/Enterprise_Deployment_Guide.pdf

Walkthrough: Exchange ActiveSync On Your iPhone 2.0
http://www.theiphoneblog.com/2008/07/13/walkthrough-exchange-activesync-on-your-iphone-20


Hope this helps.


Best regards,
Robbin Meng(MSFT)
Microsoft Online Newsgroup Support
 
T

Teneo

#4
Hi

Done hundreds of them, no third party cerificate on server.

1. always ensure iphone coonected to itunes and fully updated OS
2. correct ports open on router.
3. server is handling dhcp NOT THE DAMN ROUTER !
4. CEICW settings used in server section on iphone i.e IP address or
company.no-ip.info
5 DONT PUT DOMAIN DETAILS IN iPHONE section

should then get message about accepting certificate and Voila




""Robbin Meng [MSFT]"" <v-robmen@newsgroup> wrote in message
news:ldZwI7XpKHA.2540@newsgroup

>
> Hello James,
>
> Thanks for your post and Bill and Leythos's input.
>
> I am not famillar with iPhone configuration, however AFAIK and based on
> others' feedback, the SBS 2003 self-assigned certificate should works for
> iPhone devices to connect
> to SBS server. Here are some articles you may refer to:
>
>
> iPhone and Microsoft Exchange Server
> http://images.apple.com/iphone/enterprise/docs/iPhone_MS_Exchange.pdf
>
> Regarding how to set Activesync settings in iphone, you can refer to the
> following article.
> http://support.apple.com/manuals/en_US/Enterprise_Deployment_Guide.pdf
>
> Walkthrough: Exchange ActiveSync On Your iPhone 2.0
> http://www.theiphoneblog.com/2008/07/13/walkthrough-exchange-activesync-on-your-iphone-20
>
>
> Hope this helps.
>
>
> Best regards,
> Robbin Meng(MSFT)
> Microsoft Online Newsgroup Support
>
>
 
A

Ace Fekay [MVP-DS, MCT]

#5
"James Hurrell" <"j_a_hurrell at hotmail com"> wrote in message
news:uZ5$RcNpKHA.1892@newsgroup

>I have a user that has come to me today and said he needs to sync his brand
>new iPhone with Exchange. I know that I could enable IMAP and get him
>synching mail that way, but he would also like Contacts and Calendar, hence
>the built in Exchange route.
>
> I've read a lot about this on the web and it seems that the sticking point
> is usually the self-signed cert that the iPhone doesn't like.
>
> I have OMA enabled via CEICW and that works fine in a browser. The user
> fills in the necessary details on the iPhone and the message he gets is
> this when he attempts to complete the Exchange account setup:
>
> Unable to verify certificate
> The certificate from BLAH for account BLAH could not be verified.
>
> I've read that some people have had success by manually installing the
> cert on the iPhone, but I wondered if it wouldn't be a whole lot easier
> just to get myself a third party trusted certificate and install that in
> SBS and avoid the whole "certificate" issue on the iPhone? What do you
> think?
>
> I have found this, which is good:
>
> http://blogs.technet.com/sbs/archiv...party-ssl-certificate-on-iis-on-sbs-2003.aspx
>
> But can anyone tell me what is the preferred way to remove the existing
> self-signed cert before I install the third party? Should i run the CEICW
> and opt NOT to generate a cert?
>
> And lastly, who should I get my cert from?

As others have mentioned, you can simply accept the certificate when setting
up an ActiveSync connection on the iPhone. I've done many, and they simply
work with the self signed certs on an SBS, or a self-created cert using a
private CA in an AD environment. Matter of fact, the beauty of the iPhone
(not talking about ATT's coverage, which is horrendous), they simply work
with ActiveSync without anything else to do other than accept the cert when
prompted during the ActiveSync setup.

Maybe there is something up wtih the phone, or someone had changed
something, added an app to it, etc, that can be causing it. Have you tried
resetting the phone to factory defaults and trying again?

Also with your Exchange installation, have you ran the SBSBPA and the EXBPA?

SBS BPA
www.sbsbpa.com

Download details: Exchange Best Practices Analyzer UpdateJan 15, 2008 ...
This download contains the latest XML and ExBPA.chm files. ... Fix-ups for
critical errors seen when running against SBS2003. ...
http://www.microsoft.com/downloads/details.aspx?familyid=4f2f1339-cbcd-4d26-9174-f30c10d7ec4c

Also, run the following to insure all ports and necessary sservices are
available for ActiveSync to work:

Microsoft Exchange Server Remote Connectivity AnalyzerSelect the test you
want to run: ... Microsoft Office Outlook Connectivity Tests ... Exchange
Remote Connectivity Analyzer has encountered an error. ...
https://www.testexchangeconnectivity.com/

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please
contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.