No announcement yet.

iPhone 2.0 - Exchange 2003 - can't sync

  • Filter
  • Time
  • Show
Clear All
new posts

  • iPhone 2.0 - Exchange 2003 - can't sync

    Hi All,

    I'm working on setting up mobile access and activesync for our iPhone users. Here is a brief view of our setup:

    Backend - Clustered - Server 2003 SP3
    Front End: Server 2003 SP2
    SSL Certificate - Self signed, working with OWA
    OWA - working -

    I'm pretty new to exchange and this is what i have done so far:

    I have configured (through IIS) on the front end server to use SSL 128bit Encryption. This has been tested with OWA and all appears to be working fine. Once the certificate is accepted, users can email without problem.

    If i browse to - i receive the HTTP/1.1 501 not implemented message on the screen which i believe (correct me if i'm wrong) is what i should see.

    If i browse to - i am able to see my mail in it's basic format.

    So, the problem comes when i try to sync the iPhones. They accept the certificate and verify the username and password but they will not sync any mail. The only error message i get anywhere is on the front end server which is the 3031 error message. I've tried to go through the KB817379 but i have an FE Exchange set up so thats method 1 out of the way! I've also been through KB215383 and my FE exchange does say

    "NTAuthenticationProviders : (STRING) "Negotiate,NTLM"

    when i run the cmd.

    So....i'm stuck as to where to look next! Like i say, i'm no idiot, but i've not got a great deal of experiance in Exchange so any help will be greatly appreciated!

    Thanks in advance

  • #2
    Re: iPhone 2.0 - Exchange 2003 - can't sync

    What do you mean by "accepting" the certificate? I never advise anyone to use a self generated certificate with Exchange, particularly with EAS as it just causes problems.
    Does it work with Windows Mobile devices? If you haven't got any, get the emulator from Microsoft.

    Simon Butler
    Exchange MVP

    More Exchange Content:
    Exchange Resources List:
    In the UK? Hire me:

    Sembee is a registered trademark, used here with permission.


    • #3
      Re: iPhone 2.0 - Exchange 2003 - can't sync

      Had this issue the other day. It appears to be a problem with ActiveSync and OWA using SSL.

      Here is the fix I used...

      1.Start the IIS Manager
      2.Locate the Exchange Virtual Directory
      a.The default location is Web Sites\Default Web Site\Exchange
      3.Right click the Exchange virtual directory, click All Tasks, and the click Save Configuration to a file.
      a.IMPORTANT NOTE: You must first disable Forms Based Authentication from the Exchange System Manager Before you export the virtual directory. Also, you must disable SSL on the virtual directory BEFORE you export it. After exporting you can return to FBA and SSL.
      4.In the file name box, type a name. For example, type ExchangeVDir. Click Ok
      5.Right click the root of this web site. Typically, this is Default Web Site. Click New, and then click Virtual Directory (from file).
      6.In the Import Configuration dialog box, click Browse, locate the file that you created in step 4, click Open, and the click Read File.
      7.Under Select a configuration to import, click Exchange, and the click OK. A dialog box will appear that states that the “virtual directory already exists.”
      8.In the Alias box, type a name for the new virtual directory that you want Exchange ActiveSync and Outlook Mobile Access to use. For example, type ExchDAV. Click OK
      9.Right click the new virtual directory. In this example, Click ExchDAV. Click Properties.
      10.Click the Directory Security tab.
      11.Under Authentication and access control, click Edit.
      12.Make sure that only the following authentication methods are enabled, and the click OK:
      a.Integrated Windows authentication
      b.Basic authentication
      13.Under IP address and domain name restrictions, click Edit.
      14.Click Denied access, click Add, click Single computer, type the IP address of the server that you are configuring, and then click OK.
      15.Under Secure communications, click Edit. Make sure that Require secure channel (SSL) is not enabled, and then click OK.
      16.Click OK and the close IIS manager
      17.Click Start, click Run, type regedit and then click OK
      18.Locate the following registry subkey:
      a.HKEY_LOCAL_MACHINE\SYSTEM|CurrentControlSet\Servic es\MasSync\Parameters
      19.Right click Parameters, click to New, and the click String Value.
      20.Type ExchangeVDir and then press enter.
      21.Right click ExchangeVDir and the click Modify
      22.In the Value data box, type the name of the new virtual directory that you created in step 8 preceded by a foreword slash (/). For example, type /ExchDAV. Click Ok
      23.Quite Registry Editor
      24.Restart the IIS Admin Service


      • #4
        Re: iPhone 2.0 - Exchange 2003 - can't sync

        I managed to get it working today after all. I did accept the self-signed certificate and it is working fine - and appears to be problem free.

        The actual fix was that the certificate i had created had the common name of the server internally (servername.domain.local) and not the external FQDN. Once i had recreated a new certificate with that name - syncing correctly