You might try turning off SSL long enough to test. We don't use SSL on our corporate Exchange server. I'm not sure why. Our IT Director is pretty strict on security, so I guess he's got it secure some other way.
I was not able to get any sync joy with my Pre.... after troubleshooting I have joy. Windows server 2003 (SBS).
(keep in mind there's a footnote about sbs version there too... read the whole thing first).
Not tough for a good admin to follow.
If you have your ssl certs configed and no joy: check out this...
try logging into OMA ( cant post links... so use your brain) https :// yourserver.domain.com / oma
Well known OMA problem.
The "sign in" button is gray (not active) unless I end the domain name with a .com for example .../oma is not possible (but for the record I believe mine is owa, which also doesn't work)
After working on the EAS SSL issue for hours today, I finally figured out that the self-signed certificate that SBS 2003 was creating had multiple Common Names (CN=). The first CN was the public hostname of the Exchange server and the last was the internal/private hostname. When I browsed to Outlook Web Access with the Pre and Trusted the certificate, I noticed that the Pre listed the certificate with the last CN - the private hostname (i.e. server.domain.local). Finally, I downloaded a utility and created a another self-signed certificate with only one CN - which pointed to the public FQDN. After adding that certificate to our server, I deleted the first certificate from the Pre and browsed back to OWA - and Trusted the new certificate. Then, I was able to successfully setup the Exchange account.
Finally got mine working. Everything is syncing now with no problems.
Started with the SSL Certificate/date and time problem. Put the certificate on board and still had no connection. It kept saying that my user name and password were not correct. I finally deleted the domain area and was able to log on with no problems. Strange and frustrating.
I couldn't figure this EAS stuff out so I broke down and bought an SSL cert from GoDaddy earlier today and got it up and running. Looking at everything I messed with, I think I could have gotten everything working fine the way bruceindfw did because my cert was only setup for my actual server name and not the full FQDN. When I created the cert request for GoDaddy I made sure to have the private hostname, FQDN, and after some reading I also added autodiscover.domainname.com. That last bit now allows me to use Outlook on my laptop anywhere to connect to my Exchange 2007 server Everything is now working great for me on the Pre... time to find other problems
Mike
---Abort, Retry, Fail???
Palm III > Palm V > Sony Clie PEG-NR70/U > Palm Treo 650 > Palm Treo 755p > Palm Treo 800w > Palm Pre
Geez... I just got mine working and I really am lacking on server knowledge. I was just browsing through our corporate folder and found a folder that had a PDA cert. I emailed it through my google account and loaded it onto the Pre's Cert Manager. I also left the domain entry area blank and Viola!
I am still bummed that i can search email though...
It does work without SSL. You just untick "require secure channel (ssl)" on the Microsoft-Server-ActiveSync virtual directory properties in IIS.
There is another major benefit to SSL though (other than privacy/security).. and that is that it ensures the mobile carrier (Sprint in your case) is not pissing about with the data, that they otherwise sometimes do for HTTP data, e.g. they re-compress JPEG pictures to very low quality, and perhaps other things that would cause EAS to break.
On the PIN issue.. I wonder if Palm are aware that the "require PIN" policy is default in Small Business Server 2008? Any SBS 2008 networks are going to have this policy in place unless the admins specifically decided to change it afterwards.
I have a few things I'd like to put out there and then ask a question.
We have Exchange Server 2007 and allow any mobile device gain access as long as it has the correct credentials. We use the address "https://....." in activesync but don't have SSL certs installed?
We don't have a PIN policy enforced either.
Question 1: How secure is a cert anyway (see below)?
What stops an employee exporting the mobile device cert and giving it to a colleague?
I know some would say that is like passing over your username and password but it isn't as the cert only allows you to be recognised as an approved device it doesn't give you access to tons of data. Anyway people are less likely to handout a password but a cert seems to be less of an issue.
Question 2: With our settings do you envisage having any issues as others have had here?
Question 3: When do we think the device lock and remote wipe feature may be available?
I have read every post...
The Palm Pro and the HTC Touch and iPhone just allowed me to enter the info and sync. My IT guys are not going to change the world for me-either it works or it doesn't. I don't have control of our server to make changes... how can it work on the Palm Pro and then not work seamlessly on this new "iPhone killer" ? This is a monumental "f up" by Palm. They said they have "escalated" me to a level 2 technician and to expect a call within 24 hours. I have no contacts, no calendar and no email... wow-what a great phone!?!?!
This might just be the straw that takes me back to the iPhone.
It's advertised to work with Outlook and push email... all over the internet.
I am a consumer techy-not a server techy... I want to be able to use this with the same ease I can use other devices. If it's not ready for release, than don't release it. This is like Porsche coming out with a cool new car that has a max speed limit of 30 mph...but, if you climb under the hood and call a mechanic, they can help you to get it up to 200 mph...
NO-I WANT IT TO WORK WHEN I BUY IT, STUPID!
EITHER IT WORKS WHEN TECH SUPPORT CALLS ME BACK, OR I LEAVE SPRINT AFTER 15 YEARS -
WITHOUT BEING ABLE TO SYNC MY OUTLOOK, I MIGHT AS WELL HAVE A STAR-TAC!
SMACK A PALM ENGINEER TODAY, PLEASE!
For many readers of this thread having issues with Pre's lack of basic EAS security features, such as device pin lock, please add your voice to the official thread on Palm's support site:
I have read every post...
The Palm Pro and the HTC Touch and iPhone just allowed me to enter the info and sync. My IT guys are not going to change the world for me-either it works or it doesn't. I don't have control of our server to make changes... how can it work on the Palm Pro and then not work seamlessly on this new "iPhone killer" ? This is a monumental "f up" by Palm. They said they have "escalated" me to a level 2 technician and to expect a call within 24 hours. I have no contacts, no calendar and no email... wow-what a great phone!?!?!
This might just be the straw that takes me back to the iPhone.
It's advertised to work with Outlook and push email... all over the internet.
I am a consumer techy-not a server techy... I want to be able to use this with the same ease I can use other devices. If it's not ready for release, than don't release it. This is like Porsche coming out with a cool new car that has a max speed limit of 30 mph...but, if you climb under the hood and call a mechanic, they can help you to get it up to 200 mph...
NO-I WANT IT TO WORK WHEN I BUY IT, STUPID!
EITHER IT WORKS WHEN TECH SUPPORT CALLS ME BACK, OR I LEAVE SPRINT AFTER 15 YEARS -
WITHOUT BEING ABLE TO SYNC MY OUTLOOK, I MIGHT AS WELL HAVE A STAR-TAC!
SMACK A PALM ENGINEER TODAY, PLEASE!
Welcome to our nightmare! . . . .
Until Palm fixes Exchange security - many of us are off Pre's bandwagon.
Pilot 1000=>Pilot 5000=>Palm IIIx=>Palm Vx=>Palm 505m=>Treo 600=>Treo 650=>Treo 700wx=>Treo 755p=>Palm Pre=>Palm Pre 2
Here's my question...I'm the secondary IT guy for our SoCal office and the main IT guy is at our HQ in NorCal. Anyway, we do not have SSL on our Exchange.
If we were to get a certificate, would people still be able to access EAS (through their iphones, OWA, WinMo devices, etc) using http:// instead of https:// or will everyone have to change their settings to https:// ?
It would be a royal pain to tell everyone they have to change their bookmarks for OWA, their settings on their devices so that I can get my Pre to work...all because there's not checkbox for SSL.
Okay, sorry for the little rant but the above question is a serious one. Thanks!