none
Exchange2007 PUSHMAIL問題詢問! RRS feed

  • 問題

  • Dear MVP高手:

    跟您請教Exchange2007 push mail設定問題.

    問題:手機無法同步

    1.憑證部分我有設定錯誤嗎?

    2.我有哪些資訊還需要提供好讓各位MVP高手們給我個建議.

    系統:WIN2008SBS+EXCHANGE2007(CAS,HT,MBX)

    內部主機名稱:pushmail
    內部網域:walter.local

    主機外部網域名稱:pushmail.walter.dyndns.dk IP:220.133.82.168

    外部網域:walter.dyndns.dk

    憑證資訊設定步驟:

    1.New-ExchangeCertificate -GenerateRequest -SubjectName "DC=dk,DC=dyndns,DC=walter,O=walter corp,CN=pushmail.walter.dyndns.dk" -DomainName pushmail,pushmail.walter.dyndns.dk,mail.walter.dyndns.dk,autodiscover.walter.dyndns.dk -FriendlyName "PUSHMAIL" -PrivateKeyExportable:$true -Path c:\pushmail.txt
    依照網頁步驟匯出pushmail.cer

    2.Import-ExchangeCertificate -Path c:\pushmail.cer

    3.Enable-ExchangeCertificate –Thumbprint 70ee071035ff65fa8d80ec0514e3ac3b2556f8d4 –Services “IIS,POP,IMAP”

    2010年10月27日 上午 05:25

解答

  • 我沒試過用 -subjectname 參數,

    我建議你新建一個憑證,使用如下參數

    new-exchangecertificate -generaterequest -domainname pushmail.walter.dyndns.dk,autodiscover.walter.dyndns.dk,mail.walter.dyndns.dk,pushmail -friendlyname pushmail -privatekeyexportable:$true -path c:\ca.txt

    再試試。


    Lusheng
    • 已標示為解答 Vic6010 2010年11月5日 上午 06:04
    2010年10月28日 上午 05:26
    版主

所有回覆

  • 你的手機有匯入根憑證嗎?
    Lusheng
    2010年10月27日 上午 06:03
    版主
  • Dear sir:

    有的手機有匯入.

    不好意思想跟您在詢問個問題

    我在做ping查詢我的exchange外部名稱解析

    解析為walter.dyndns.dk

    但我Microsoft-Server-ActiveSync URL為https://pushmail.walter.dyndns.dk/Microsoft-Server-ActiveSync

    另外微軟文件有提到

    外部 DNS 必須建立兩筆記錄,一是 pushmail.walter.dyndns.dk, 一是 autodiscover.walter.dyndns.dk

    請問這是建(A)紀錄主機名稱對嗎?

    很感謝您的幫忙.

    2010年10月27日 上午 06:13
  • 一般是建立 A record 。

    再另外提醒,測試用的帳號 不要加入 domain admins & enterprise admins 群組中。


    Lusheng
    2010年10月27日 上午 06:44
    版主
  • ExRCA is testing Exchange ActiveSync.
      The Exchange ActiveSync test failed.
     
    Test Steps
     
    ExRCA is attempting the Autodiscover and Exchange ActiveSync test (if requested).
      Testing of Autodiscover for Exchange ActiveSync failed.
     
    Test Steps
     
    ExRCA is attempting each method of contacting the Autodiscover service.
      The Autodiscover service couldn't be contacted successfully by any method.
     
    Test Steps
     
    Attempting to test potential AutoDiscover URL https://walter.dyndns.dk/AutoDiscover/AutoDiscover.xml
      Testing of this potential Autodiscover URL failed.
     
    Test Steps
     
    Attempting to resolve the host name walter.dyndns.dk in DNS.
      Host successfully resolved
     
    Additional Details
      IP(s) returned: 220.133.82.168
    Testing TCP Port 443 on host walter.dyndns.dk to ensure it is listening and open.
      The port was opened successfully.
    ExRCA is testing the SSL certificate to make sure it's valid.
      The SSL certificate failed one or more certificate validation checks.
     
    Test Steps
     
    The certificate name is being validated.
      Certificate name validation failed.
       <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl00_ctl02_ctl00_tmmArrow">Tell me more about this issue and how to resolve it</label>
     
    Additional Details
      Host name walter.dyndns.dk does not match any name found on the server certificate CN=pushmail.walter.dyndns.dk, O=walter corp, DC=walter, DC=dyndns, DC=dk
    Attempting to test potential AutoDiscover URL https://autodiscover.walter.dyndns.dk/AutoDiscover/AutoDiscover.xml
      Testing of this potential Autodiscover URL failed.
     
    Test Steps
     
    Attempting to resolve the host name autodiscover.walter.dyndns.dk in DNS.
      Host successfully resolved
     
    Additional Details
      IP(s) returned: 220.133.82.168
    Testing TCP Port 443 on host autodiscover.walter.dyndns.dk to ensure it is listening and open.
      The port was opened successfully.
    ExRCA is testing the SSL certificate to make sure it's valid.
      The SSL certificate failed one or more certificate validation checks.
     
    Test Steps
     
    The certificate name is being validated.
      Successfully validated the certificate name
     
    Additional Details
      Found hostname autodiscover.walter.dyndns.dk in Certificate Subject Alternative Name entry
    Certificate trust is being validated.
      Certificate trust validation failed.
     
    Additional Details
      The certificate chain couldn't be built. You may be missing required intermediate certificates.
    ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
      The attempt to contact Autodiscover using the HTTP Redirect method failed.
     
    Test Steps
     
    Attempting to resolve the host name autodiscover.walter.dyndns.dk in DNS.
      Host successfully resolved
     
    Additional Details
      IP(s) returned: 220.133.82.168
    Testing TCP Port 80 on host autodiscover.walter.dyndns.dk to ensure it is listening and open.
      The port was opened successfully.
    Checking Host autodiscover.walter.dyndns.dk for an HTTP redirect to AutoDiscover
      ExRCA failed to get an HTTP redirect response for Autodiscover.
     
    Additional Details
      An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: 您沒有檢視此目錄或網頁的權限。
    ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
      Failed to contact AutoDiscover using the DNS SRV redirect method.
     
    Test Steps
     
    Attempting to locate SRV record _autodiscover._tcp.walter.dyndns.dk in DNS.
      The Autodiscover SRV record wasn't found in DNS.
       <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl03_ctl00_tmmArrow">Tell me more about this issue and how to resolve it</label>

    Dear Sir:

    我在微軟Exchange測試網站

    https://www.testexchangeconnectivity.com/

    發現了一些問題.這是我SSL設定有問題嗎?

    我使用一般Domain user測試
    有出現SSL 憑證名稱不符合
    ExRCA is testing the SSL certificate to make sure it's valid.
      The SSL certificate failed one or more certificate validation checks.
       Test Steps
       The certificate name is being validated.
      Successfully validated the certificate name
       Additional Details
      Found hostname autodiscover.walter.dyndns.dk in Certificate Subject Alternative Name entry
     
     Certificate trust is being validated.
      Certificate trust validation failed.
       Additional Details
      The certificate chain couldn't be built. You may be missing required intermediate certificates.
    Testing TCP Port 80 on host autodiscover.walter.dyndns.dk to ensure it is listening and open.
      The port was opened successfully.
     Checking Host autodiscover.walter.dyndns.dk for an HTTP redirect to AutoDiscover
      ExRCA failed to get an HTTP redirect response for Autodiscover.
       Additional Details
      An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: 您沒有檢視此目錄或網頁的權限。 

    2010年10月27日 上午 07:21
  • 我沒試過用 -subjectname 參數,

    我建議你新建一個憑證,使用如下參數

    new-exchangecertificate -generaterequest -domainname pushmail.walter.dyndns.dk,autodiscover.walter.dyndns.dk,mail.walter.dyndns.dk,pushmail -friendlyname pushmail -privatekeyexportable:$true -path c:\ca.txt

    再試試。


    Lusheng
    • 已標示為解答 Vic6010 2010年11月5日 上午 06:04
    2010年10月28日 上午 05:26
    版主