ISA 2006 and Published ActiveSync CAS role Exchange 2007

6 02 2008

Since ActiveSync role was published in ISA 2006 to my Exchange Server 2007 my Samsung i600 Windows Mobile 6 client start complaining with the warning message below.

"Your account in Microsoft Exchange Server does not have permission to synchronize with your current settings.  Contact your Exchange Server administrator.
Support code: 0×85010004"

Before it was published with NAT and I have never seen this warning. I was not able to sync the mobile device anymore.

To fix this problem locate the Microsoft-Server-ActiveSync virtual directory in IIS MMC and uncheck Require secure channel (SSL) checkbox. Restart IIS.

image

This fixed my problem. Make sure you configure the internal SSL bridge to encrypt the data behind your ISA firewall. The communication between ISA and Exchange 2007 is not encrypted which is fine for lab, but for production generate a computer certificate on both ends for encrypted communication.

« VMWare ESX3i Cisco CDP protocol L2 overview Windows Server 2008 RTM installation in ESX »


Actions

Informations

Leave a comment

You can use these tags : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>