Hope someone can help. I recently setup Activesync so that mail is available on an iPhone through our SA2000. However I have now noticed that this setup seems to have broken the Outlook Web Access. When someone tries to use OWA they get a page cannot be displayed and in the User Access log I get the following:
Access blocked due to invalid ActiveSync request. Host: hostname.domain.co.uk, Request: /exchange
I setup a new signing in policy for Activesync to allow only activesync traffic. I then created a resource profile which auto created a resource policy. Something with this is abviously causing a conflict, is there a way round this?
This is because the ACL for ActiveSync and OWA are conflicting.
The simplist way around this is to create a host entry on the IVE for something like "mobilemail" and point it to the private IP address of your exchange server. Then edit the sign-in URL for your Activesync to point to the hosts entry. This allows you to have one ACL for Activesync, one for OWA and never the twain shall meet.
Thanks for the advice. Sorry to sound a bit dumb but I just wanted to confirm something.
I have setup a host of mobilemail pointing to the IP address of the Exchange server (10.1.1.2 for example).
In my signing in policy which section do I have to change? I have a virtual hostname of name.domain.co.uk and and backend URL of http://mailserver.domain.co.uk:80/*
Which bit on the signing in policy do I need to change?
It's the back-end URL you need to change as that the bit the ACL applies to..
Hmmm, I can't seem to get this working. I have done the following:
Under Network, Hosts, I have added an entry called mobilemail and pointed it to the internal address of the mail server
In the Signin policy I have changed the backend URL to various different things.
None of the changes I have made to the backend URL seem to work, if I check the User Access log then I can see lots of DNS lookup failures.
Apologies if I am bieng a bit dim
I don't suppose anyone knows how to fix this? I can't get the two systems to work at the same time and it is driving me mad
I came accross this issue, OWA cannot be published in the two ways at the time due to the fact that the IVE is acting a proxy to the same resource twice - only one of them will work for you - most likely is that the activesync will overcome,
i have found a solution for this issue - I use IVS = virtual system :
1.On the IVS the OWA is published to the users on the portal
2.On the IVE ROOT the activesync feature is applied
all is working great,
please note that an IVS is not that cheap license and is supported from the SA4000 model and up.
Kodu me if you like this solution :-)
Hmmm, so this issue cannot be fixed without splashing some cash?
Authentication -> Signing in -> Sign-in policies
Click New URL button
Select Authorization Only AccessÓ
Virtual Hostname must match the certificate in step 4.
Changed URL from mail.co.com to autodiscover.co.com (default exchange) OWA uses mail.co.com See set 3 for explanation.
Ahead of time create URL with bad reference, example mobility999.co.com. After it is created select by checking box and click disable. Double click URL and adjust to the correct URL. When you click save changes the Virtual hostname is still disabled. Verify the check is not there.
The Certificate should be created and installed ahead of time. However want to purchase near the conversion date since the certificate has a finite date. Import the Certificate into new Active Sync VPN. System -> Configuration -> Certificates -> Device Certificates Import Cert and KeyÓ
I just created a CNAME record in DNS for my internal activesync server and used that CNAME in the Virtual Hostname Sign-in Policy. No cash required...