Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


gareth41

645 posts

Ultimate Geek


#41358 14-Sep-2009 17:15
Send private message

just migrated exchange over to a new server, ports 80, 25, 110, and 443 forwareded in the router to the new sbs exchange server (router also has static ip assigned from the isp with domain A and MX pointed to the static ip), all internal email using outlook 2007 is working no probs, outlook web access works no probs everyone can send the receieve mail without any problems on their pc's connected on the lan, however the iphones no longer work and have lost their contacts, i just cant work why the iphones dont work, im sure its something very simple. can anyone point me in the right direction? there is currently no security certificate installed on the sbs server will this make any difference? i must also add that i cant connect externally to the exchange server using outlook 2003 on my laptop connecting from another location, "exchange server not found" when trying to connect to static ip of router, would this be the reason why the iphones cant connect?

Create new topic
CYaBro
3345 posts

Uber Geek

Subscriber

  #255684 14-Sep-2009 18:24
Send private message

That will be the problem, not having a cert installed on the server.
Also, not sure if it will help but port 444 and 4125 are usually open for a sbs install.  Port 444 is more likely but 4125 is only for RWW I think.

gareth41

645 posts

Ultimate Geek


  #255726 14-Sep-2009 20:16
Send private message

CYaBro: That will be the problem, not having a cert installed on the server.
Also, not sure if it will help but port 444 and 4125 are usually open for a sbs install.  Port 444 is more likely but 4125 is only for RWW I think.


if i disable ssl would that fix it?

 
 
 
 


gareth41

645 posts

Ultimate Geek


  #256031 16-Sep-2009 09:58
Send private message

ok heres an update of where i am so far, im also sill have problems btw.

after googling tonnes of websites ive found out that the only ports that are needed are the ports i mentioned in my first post, no other ports are needed and imap is not needed, neither rpc over http. i successfully syncd a smartfone but get that dreaded error msg when trying the same with an iphone, "connection failed" ive heard its a common problem with the iphone and there is a way to fix it, how to fix it i wouldnt a clue, ive tried to many settings and following various tutorials, all which reference to imap and rpc over http which i know 100% certain these are not needed. can anyone help i need to get this all sorted

gareth41

645 posts

Ultimate Geek


  #256299 16-Sep-2009 22:07
Send private message

it would be much appreciated if someone could help me on this, im even willing to pay someone if thats what it takes to get help on these forums, i cant leave it any longer and am also looking for help elsewhere, please pm me thanks.

freitasm
BDFL - Memuneh
68841 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #256309 16-Sep-2009 22:19
Send private message

Here is how you configure ActiveSync on your iPhone. Note it says "iPhone or iPod touch will try to create a secure (SSL) connection to your Exchange server. If it cannot do this, it will try a non-SSL connection. To override the SSL setting, go into Settings, then Mail, Contacts, Calendars, select your Exchange account, tap Account Info, then toggle the Use SSL slider."

A SSL certificate shouldn't be needed then. But since you can't access the server when using Outlook from outside your network I'd say that either your port forward is incorrect or your server's firewall is blocking the incoming connections.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletcricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


bcourtney
652 posts

Ultimate Geek

Trusted

  #256312 16-Sep-2009 22:26
Send private message

Use SSL with the default self-signed certificate that SBS creates on your server. This certificate will need to be installed on the iPhones of course.

Where are you based?

DavSke
4 posts

Wannabe Geek


  #256317 16-Sep-2009 22:50
Send private message

 Could this be your problem have you upgraded to Exchange 2007

Opinion: Apple betrays the iPhone's business hopes
Apple security fix makes many iPhones suddenly incompatible with Exchange
By Galen Gruman, San Francisco | Wednesday, 16 September, 2009
Fixing a major but unacknowledged bug in the operating system, last week's iPhone OS 3.1 update has rendered most iPhones and all iPod Touches incompatible with Exchange 2007 servers that require on-device data be encrypted, a standard safeguard used by businesses.

In other words, Apple has fundamentally betrayed its iPhone users and the businesses that have either explicitly or implicitly supported the device.

If you're like me, you probably ran the iPhone OS 3.1 update late Friday along with all the other Mac OS X updates. And perhaps, like me, you found your device no longer syncing to your company's Exchange 2007 Server. I, for one, assumed something had changed on the back end. After all, a dot-one update is a bug fix, so there shouldn't have been anything major to watch out for. But I learned on Monday it was the update itself that was to blame.

My first reaction was, "Damn. Now I can't check email or schedules when not at my desk. I wonder how long it will take for Apple to fix the issue." Our IT department is not about to relax its encryption requirement to deal with a change in Apple's OS. Why should it?

Then it sunk in. The iPhone has been falsely reporting to Exchange servers since July 2008 that it supports on-device encryption.

The lie the iPhone has been telling

That's right. Thousands of users have been accessing email, calendars, and contacts over Exchange connections through their iPhones or iPod Touches, not knowing they were compromising their corporate security. During that entire time, Apple has extolled its support of Exchange and convinced many businesses that the iPhone was a corporate-class device they should embrace or, at least, tolerate.

How many businesses will revisit that support now that they know Apple shipped and promoted a product as fit for business only to later find that the device had a major security flaw? Apple clearly knew of the flaw at some point; otherwise, it would not have fixed it in the iPhone OS 3.1 update. Worse, how many users or businesses will trust Apple, now that they know it not only hid a major flaw from their attention but also slipstreamed a fix that broke compatibility with most of its devices?

Consider the implications on Mac OS X Snow Leopard, which now boasts the same Exchange support as the iPhone. As of the Mac OS X 10.6.1 update of last week, it still works with our encryption-requiring Exchange 2007 Server. But how does anyone know Snow Leopard won 't have a similar breakdown in the future, if not for encryption then for something else?

I suspect that Apple has set back its enterprise cause several years, if not permanently.

The fundamental damage that Apple has done to itself involves trust. IT may be glad that now unencrypted iPhones and iPod Touches — meaning every model except the iPhone 3G S released earlier this year — aren't violating their security policies. But IT won't be happy about learning those devices were unsecurely accessing their Exchange servers or about dealing with all those users whose iPhones and iPod Touches suddenly have lost access to Exchange.

No good options to fix the problem

And IT won't be happy to follow Apple's official suggestions: Either replace the devices with 3G S models or change the security policies to allow at least iPhone users to access Exchange without requiring on-device encryption. Neither option is realistic, and both show an amazing naïveté, or perhaps arrogance, about Apple's view of the business environment.

The third option — downgrading the iPhone OS to 3.0 — is unrealistic for many users. If you're lucky and the last backup of your iPhone has the previous OS, go to iTunes and click Restore. Otherwise, you need to have a copy of a 3.0-based backup (Mac OS X users who have Time Machine running likely will), or you need to download the 3.0 version from BitTorrent or other questionable sites, then restore your iPhone or iPod Touch using that older OS. Note that you have to Option-click in Mac OS X or Shift-click in Windows the Restore button in iTunes to be able to choose that backed-up or downloaded 3.0 OS. After the restore is complete, you'll likely have to reinstall some apps, update your music files, and so forth to reflect changes made since the last backup; if you have no backup, you're essentially starting over. Despite what I read on various blogs, I was able to restore an unsanctioned iPhone OS 3.0 onto my iPod Touch using the new iTunes 9.

I have my Exchange access back — but I had to become a hacker to do it. Few people will do that. And many organisations may decide to ban all iPhones and iPod Touches from Exchange rather than risk access by unencrypted devices that hack around their security policies by dowbngrading to the 3.0 OS or not upgrading to the 3.1 version.

There's a fourth possible option, which is the only one that would satisfy legitimate IT security concerns: Apple revs iPhone OS to include software encryption, so the pre-3G S devices can honestly tell Exchange 2007 they support on-device encryption. But Apple has avoided implementing such encryption since Day 1, except for the 3G S released in July. I'm betting there's a reason the on-device encryption is available only on the faster-chip model. Plus, Apple has been very clear in saying it won't support simultaneous processes in the iPhone OS, which any software encryption would likely need to be.

Does Apple have a plan to reenable the pre-3G S models' ability to work with Exchange when encryption is a requirement? I asked Apple that question yesterday, and a spokeswoman said she would let me know when she had an answer. So far, there is none.

The sick feeling of betrayal

I really like my iPod Touch, but at this point, I won't buy another one or an iPhone. Right now, I simply can't count on Apple to do the right thing. If I did get a 3G S or some future encryption-enabled iPod Touch model, what other nasty surprise will I find a year on?

While the apps are fun and being able to go to the Web when on the road is useful, the major benefit that I — and most business users — get is access to email and calendars. If the devices touted for more than a year as great at doing that really can't do it in the real-world business context, they're not worth the several hundred dollars they cost or the limited space in my pockets. I can get a Palm Pre instead; after all, it still works with Exchange, and for my on-the-road music, I can bring along a cheaper iPod.

I've been a champion of the iPhone as more than a fancy iPod for a couple years now, suggesting that businesses give it a serious look despite some of its more IT-desired omissions. Now, I feel embarrassed for having done so. I've tolerated Apple's half-baked iPhone management tools, given that the company has been careful not to claim professional-level management support. But Apple's made a lot of hay about its Exchange support. Yes, it technically supports Exchange, but not in the way that anyone would expect in the real world. Yet Apple let us all think it did. Then it revealed the truth in a damaging, surprising, inconsiderate way.

That's a double betrayal. And a sad, sick feeling.

Apple has to move quickly to fix the immediate problem and start giving business users with the information they need and the respect they deserve.

 
 
 
 


gareth41

645 posts

Ultimate Geek


  #256364 17-Sep-2009 08:17
Send private message

thanks everyone
i managed to get it all sorted, was as simple as installing exchange 2003 sp2, since i did the initial server install from sbs 2003 r2 media i assumed all the service packs were included, i didnt think to check the exchange service pack in exchange system manager, however when i did it was only sp1 so downloaded and installed exchange sp2 from microsoft, shortly after i installed sp2 all the iphones started syncing again.

just though i would reference this in case anyone else is having same prob, sp2 for exchange has to be installed for an iphone to sync otherwise you will just get a connection error.

Create new topic





News »

Vodafone enables 5G roaming - for when international travel comes
Posted 30-Oct-2020 15:03


Spark awards funding to Kiwi businesses in 5G funding initiative
Posted 30-Oct-2020 14:58


Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.