Question : Problem: IPhone and Server 2003 Mobile ActiveSync with SSL-- need some help

I have had a hell of a time getting the IPhone 3G working with our Exchange Server. After finally doing many searches I have gotten it to work but at a cost. It seems that SSL has to be disabled on the Exchange virtual directory and the ActiveSync virtual Directory (If you automatically redirect the default Websiter to Exchange that has to have the SSL removed too). You also have to uncheck Web Authentication form under HTTP in ESM.

It appears that the IPhone ActiveSync is more geared towards companies that have a front end / back end exchange servers. The front end has the SSL enabled while the backend has no SSL. This willl allow the activesync and OWA to always be secure when going to the user or vice versa-- ActivSync does not have a problem if the frontend is using SSL.

So with that, my company only has one Exchange server. Currently, i have removed the SSL function from the Exchange virtual directory and unchecked the Web Authentication form since my Executives needed their emails to come in on their new IPhones. I dont plan on having SSL down for too long-- most employees dont use OWA all that much so the securty issue isnt huge--yet.

I have read that microsoft has a fix that the user creates a new Exchange virtual directory. with a modification to the Registry Activesync will not look at the original and only the newly created one. This will allow OWA to be secured and not conflict with Activesync.


http://support.microsoft.com/kb/817379


Has anyone had a chance to verify this fix? Is SSL the only way to secure OWA email?

Answer : Problem: IPhone and Server 2003 Mobile ActiveSync with SSL-- need some help

Question PAQ'd, 125 points refunded, and stored in the solution database.