סנכרון אימייל אייפון מול שרת הדואר
I recently picked up a first-generation iPhone from a friend and after playing around with it for a while I decided that I needed to have my email synchronized on it. For my business I run my BES, Exchange with RPC over HTTPS and ISA on a Server 2003 virtual machine, so my infrastructure was almost ready.
Almost, but not quite. A typical ActiveSync deployment consists of a front-end Exchange server, an ISA server and a second Exchange server. I've only got a single VM (more for convenience than anything else), so I had to make a few changes.
I'm assuming that you've got Exchange and ISA working, either on a single box or two individual servers. You also have a valid SSL certificate and port 443 is open.
Open the Exchange System Manager (ESM) and expand the Global Settings tree. Right click on Mobile Service, choose Properties and ensure that the ActiveSync options are all checked
These steps are identical to the ones in Microsoft KB 817379 - Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003.
1.Start Internet Information Services (IIS) Manager.
2.Locate the Exchange virtual directory. The default location is as follows:
3.Web SitesDefault Web SiteExchange
4.Right-click the Exchange virtual directory, click All Tasks, and then click Save Configuration to a File
5.In the File name box, type a name. For example, type ExchangeVDir. Click OK.
6.Right-click the root of this Web site. Typically, this is Default Web Site. Click New, and then click Virtual Directory (from file).
7.In the Import Configuration dialog box, click Browse, locate the file that you created in step 4, click Open, and then click Read File.
8.Under Select a configuration to import, click Exchange, and then click OK.
9.A dialog box will appear that states that the "virtual directory already exists."
10.In the Alias box, type a name for the new virtual directory that you want Exchange ActiveSync and Outlook Mobile Access to use. For example, type ExchDAV. Click OK.
11.Right-click the new virtual directory. In this example, click ExchDAV. Click Properties.
12.Click the Directory Security tab.
13.Under Authentication and access control, click Edit.
14.Make sure that only the following authentication methods are enabled, and then click OK:
◦Integrated Windows authentication
the Directory Security tab, under IP address and domain name restrictions, click Edit.
16.Click the option for Denied access, click Add, click Single computer and type the IP address of the server that you are configuring, and then click OK.
17.Under Secure communications, click Edit. Make sure that Require secure channel (SSL) is not enabled, and then click OK.
18.Click OK, and then close the IIS Manager.
19.Click Start, click Run, type regedit, and then click OK.
20.Locate the following registry subkey: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesM asSyncParameters
21.Right-click Parameters, click to New, and then click String Value.
22.Type ExchangeVDir, and then press ENTER. Right-click ExchangeVDir, and then click Modify.
23.Note ExchangeVDir is case-sensitive. If you do not type ExchangeVDir exactly as it appears in this article, ActiveSync does not find the key when it locates the ExchDAV folder.
24.In the Value data box, type the name of the new virtual directory that you created in step 8. For example, type /ExchDAV. Click OK.
25.Quit Registry Editor.
26.Restart the IIS Admin service. To do this, follow these steps:
1.Click Start, click Run, type services.msc, and then click OK.
2.In the list of services, right-click IIS Admin service, and then click Restart.
You'll want to increase the heartbeat to 30 minutes per Microsoft KB 905013 - Enterprise firewall configuration for Exchange ActiveSync Direct Push Technology. If you don't do this you'll receive Event ID 3033 in your Application event log with the message
1.Open ISA Server Management and click Firewall Policy.
2.On the Toolbox tab, click Network Objects.
3.Expand the Web Listeners node, and then view the advanced properties of the applicable Web Listener.
4.Click the Preferences tab, and then click Advanced.
5.Modify the Connection Timeout from the default 120 seconds (2 minutes) to 1800 seconds (30 minutes).
6.Click OK two times to accept these changes.
That's really all there is to it. If you've got RPC over HTTPS working then your ISA server should be ready to handle traffic on port 443, and you're only a few steps away from ActiveSync glory