Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Enterprise Service 10

Reply
Contributor
negativezero
Posts: 13
Registered: ‎03-27-2013
My Device: z10
My Carrier: Bell Mobility
Accepted Solution

ActiveSync Exchange 2003

I have seen people with alot of issues related to getting their z10's talking to exchange 2003. This is more of an exchange related question. 

 

We have 2 z10's to start for testing. I have a vanilla bes10 server configured with an email profile pointing to one of our back end exchange servers. Our servers are internal only. Not facing the internet. From what i can tell the z10's are trying to sync with exchange servers as i see errors coming from the 2 users on the server.

 

Error1:

The mailbox server [servername goes here] has its [exchange] virtual directory set to require SSL.  Exchange ActiveSync cannot access the server if SSL is set to be required. 

 

Error2:

The mailbox server [servername goes here] does not allow "Negotiate" authentication to its [exchange] virtual directory. Exchange ActiveSync can only access the server using this authentication scheme.  

 

My question is what needs to be enabled on exchange 2003 for active sync to work properly in an internal environment. There are plenty of tuts for setting up ssl certs and things like that however that is not our scenario here. 

Please use plain text.
Guru III
knottyrope
Posts: 29,753
Registered: ‎06-25-2008
My Device:

I'm rockin the BlackBerry Z30, Z10, Q10, BlackBerry Mini Stereo Speaker, 64 gig PlayBook, BlackBerry Wireless Headset HS-700

My Carrier: I am on AT&T. Please edit your Personal Profile with your DEVICE TYPE, DEVICE OS and Carrier

Re: ActiveSync Exchange 2003


negativezero wrote:

I have seen people with alot of issues related to getting their z10's talking to exchange 2003. This is more of an exchange related question. 

 

We have 2 z10's to start for testing. I have a vanilla bes10 server configured with an email profile pointing to one of our back end exchange servers. Our servers are internal only. Not facing the internet. From what i can tell the z10's are trying to sync with exchange servers as i see errors coming from the 2 users on the server.

 

Error1:

The mailbox server [servername goes here] has its [exchange] virtual directory set to require SSL.  Exchange ActiveSync cannot access the server if SSL is set to be required. Remove it if you want it to work. 

 

Error2:

The mailbox server [servername goes here] does not allow "Negotiate" authentication to its [exchange] virtual directory. Exchange ActiveSync can only access the server using this authentication scheme.  You have to change this if you want it to work.

 

My question is what needs to be enabled on exchange 2003 for active sync to work properly in an internal environment. There are plenty of tuts for setting up ssl certs and things like that however that is not our scenario here. 


this ia an EAS issue more than a BES issue.

 

Do you have EAS devices working?

 

SSL does not need to be enabled if you are using ISA or TMG in front of it to publish EAS or outlook anywhere

 

auth types need to be enabled if you want it to work.

 

What is it set to now?

 




Click here to Backup the data on your BlackBerry Device! It's important, and FREE!


Click "Accept as Solution" if your problem is solved. To give thanks, click thumbs up
Click to search the Knowledge Base at BTSC and click to Read The Fabulous Manuals

BESAdmin's, please make a signature with your BES environment info.


SIM Free BlackBerry Unlocking FAQ
Follow me on Twitter @knottyrope


Want to thank me? Buy my KnottyRope App here


BES 5.0.4 and BES 10.2.2 with Exchange 2010 and SQL 2008


Please use plain text.
Contributor
negativezero
Posts: 13
Registered: ‎03-27-2013
My Device: z10
My Carrier: Bell Mobility

Re: ActiveSync Exchange 2003

We had no EAS devices. No it was not enabled. Once we turned it on we also had to create a VDir for the phones just like here: http://www.youtube.com/watch?v=mXb4mcTX2-c

 

Needed to point AS to its own VDir with Integrated Auth on and require ssl off. 

 

 

Thanks for the help. Exec's wanted these fast so i was trying every avenue to look for help. 

Please use plain text.