A few weeks ago, a client asked me whether the Apple iPhone would work with Microsoft Exchange Server because the client wanted to purchase one when they were released. I suggested that he wait a few months until Apple worked out the bugs. As you know, the iPhone doesn't work with ActiveSync, however it does support IMAP. The client ended up purchasing an iPhone anyway and I was tasked with getting it to sync with Exchange. Ideally, you should use Secure IMAP/IMAP with SSL so your user name and password aren't sent in clear text across the Internet. Here are some guidelines for setting up Secure IMAP with Exchange Server 2003.
Verify that the IMAP service is started. If you have an Exchange front-end server, make sure the Microsoft Exchange IMAP4 service is started. If you don't have an Exchange front end server, make sure that the Microsoft Exchange IMAP4 service is started on the server that contains the mailbox that you want to sync up with the iPhone. Set this service to start automatically when the server is restarted.
Configure Secure IMAP. If you already have an SSL Certificate installed on your Exchange Server for Outlook Web Access (OWA), you’re in good shape. If you don't have an SSL certificate installed on your Exchange server you must either install Certificate Services on Windows Server 2003 and issue an SSL certificate or purchase a commercial certificate through an SSL provider such as Network Solutions or Thawte. The process of installing an SSL certificate has been well documented, so I’m not going to cover it here. To configure Secure IMAP, perform these steps.
a. Open Exchange System Manager (ESM) and select , Administrative Group, , Servers, , Protocols, IMAP4.
b. Right-click the Default IMAP4 Virtual Server and select Properties.
c. Select the Access Tab, and click the Certificate button.
d. Click Next.
e. Select Assign an existing Certificate and click Next.
f. Select the appropriate SSL Certificate and select Next.
g. Click Next, then click Finish.
Stop and restart the Default IMAP4 virtual server. Now you have enabled the use of the SSL certificate with IMAP4.
Get the Exchange Alias. Start Active Directory Users and Computers, and right-click the user account and select Properties for the user who wants to use an iPhone with Exchange. Click the Exchange General Tab and note the Alias name. You'll need it in the next step.
Verify that you have IMAP and SSL working properly. I suggest you configure an account to connect with IMAP4 using Outlook Express with a computer that's located on the internal network. This will verify that you have IMAP and SSL properly working before you configure the firewall. Start Outlook Express and set up an account. When you specify your Incoming and Outgoing servers, make sure to specify that your incoming mail server is an IMAP server and not a POP3 server. When you specify your login account, it must be in the format of
<netbios_domain_name> /<user_name> /<exchange_alias>
Enter the password for the user.
Enable SSL with IMAP in Outlook Express. After you have set up the account for the user, right-click the profile you just established, select Properties, and click the Advanced tab. Select the “This server requires a secure connection (SSL)” checkbox for both inbound and outbound mail and click OK. Click the Account you just created and then click the IMAP folders button to obtain a list of folders from the Exchange server. If you have difficulty connecting to your Exchange server with IMAP, double-check your settings specified in the previous steps and make certain that you have the correct for the account.
Configure the firewall. After you can connect with Outlook Express from within your network, make sure to configure your firewall to allow an inbound connection on TCP port 993 (SSL with IMAP4) to your Exchange server. After the firewall is configured, make sure you can connect to your Exchange server with IMAP4 using Outlook Express on a computer that's outside of your firewall. If you have difficulty connecting, double-check your firewall settings.
Configure your iPhone. Set up the IMAP profile on the iPhone. As I recall, you have to specify the user name and password on one line, as this example shows:
Make sure to leave a space between the account information and the password.
Happy iPhone syncing!
Tip: ESX Disk Space Allocation
Unlike VMware Server and Virtual Server 2005, VMware ESX Server requires that you pre-allocate the entire guest’s hard drive when you create it. The upside is less disk fragmentation and better performance for the guest, but the downside is this requires more disk space. This is especially true if you plan to create several base images to speed up the process of creating new guests on ESX. This may require more disk space on your ESX server. Plan accordingly.
End of Article
Excellent Article. It's reasons like this why I never let my subscription lapse!
oalexis@dar.org August 30, 2007 (Article Rating: )
Good instructions for inbound mail but, requiring SSL for outbound email results in an error that the server does not support a SSL connection. How should the server be configured?
donriddell March 31, 2008 (Article Rating: )
Yes, outbound can be prolbematic. Another option is to use a company like http://www.synchronica.com/ for your outbound mail. It's free. Of course, this is just a workaround until the iPhone natively supports Exchange 2003/2007.
asugano@adscon.com April 02, 2008 (Article Rating: )
Lousy ! I filled out all that infomation for that! Putting, "as I recall you have to specify the user name and password on one line" is terrible. How about actually trying it so we know. What about the certificate messages we get on the iphone that we can't get around. I don't think the author really tried this.
JPonitpro June 05, 2008 (Article Rating: )
We have this working at a client, and I did try it and it does work. You have to purchase a commercial SSL certificate, otherwise you will receive the certificate error and it will not work. SSL certificates can be purchased from Thawte, GoDaddy and other sources. Check out http://www.whichssl.com/ for more information on SSL Certificates. You have do install the SSL Certificate first before attempting to connect with IMAP and SSL. If you're still having problems, make sure you can connect with Outlook Express before trying to connect with the iPhone to try and narrow down the problem.
asugano@adscon.com June 06, 2008 (Article Rating: )
Make sure that when you order the SSL Certificate it exactly matches the external fully qualified domain name of your IMAP server, otherwise you will still receive an error. This name must match the FQDN of the IMAP server you enter in the phone. You may need to create an DNS A Record on your external DNS server as well.
asugano@adscon.com June 06, 2008 (Article Rating: )
I m not able to access the email. I tried ways for the username but its not working. if i Put the username in this format then <netbios_domain_name> /<user_name>/<exchange_alias> <password>
it says that the cannot get the email becuase username or password is in correct.
Please help
sikhan November 04, 2008 (Article Rating: )
If we put username just the username then it says cannot connect using SSL. Do you want to try setting up account without SSL
sikhan November 04, 2008 (Article Rating: )
The iPhone now supports native synching with Exchange. I suggest upgrading to the latest iPhone software update that supports Exchange 2003/2007. Here's a link to the software http://www.apple.com/iphone/softwareupdate/. We have a few clients running it and works pretty well. As long as your Exchange Server is configured for ActiveSync with Wndows Mobile Devices your iPhone should synch up fine.
asugano@adscon.com November 05, 2008 (Article Rating: )
Asugano where can I check in the server to make sure my exchange server is configured for activesync? :)
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
An often irreverent look at some of the week's other news, including some more Windows 7 sales momentum, some Sophos stupidity, Microsoft's cloud computing self-loathing, more whining from the browser makers, Zoho's "Fake Office," and much, much more ...
Let Your Users Reset Their Own Passwords: Free Download Try a 30 day free trial of Desktop Authority Password Self-Service – it provides an easy-to-use, robust system for allowing users to reset their own forgotten passwords or locked accounts.
Get Windows IT Pro & Mark Minasi’s Favorite Power Tools Guide Order Windows IT Pro now and get "More of Mark Minasi's Favorite Power Tools"--a in-depth guide to the most useful Windows commands --FREE with your paid order! Subscribe today, and save 58% off the cover price!
Deep Dive into VMware vSphere, eLearning Series Join John Savill to explore the major functionality capabilities of the vSphere virtualization platform, including identification of the changes from ESX 3.5.
)
)
)
)
Register
oalexis@dar.org August 30, 2007 (Article Rating: