[anon(252294)]

I work for a company that uses MS Exchange 2007 and has BES. I used to be able to connect using OWA and get the email pushed to my BB. A few months ago it stopped and I can not reconnect, along with everyone else that has a BB and is on BIS. Iphone and WinMo can still connect and get mail. What have they changed and what can I do to get the connection back? Any help would be appreciated.

[AZBBFAN]

do you have a wondows logon you changed about the same time as your email stopped working?

[anon(252294)]

Are you talking about network logins? We have to change all of that reguarly. I have changed password several times and I could just update the password on the BIS site.

[AZBBFAN]

That is what I was wondering. My company is the same way. when windows prompts me to change my passowrd it changes all my passwords including email password, I wait until I get the error message from BIS then log in and change the password to re-validate. I had to get permission from corporate to allow this though. They have the ability to block it if they want to

[anon(252294)]

The "Local" IT doesn't seem to know what happened. It is really irritating to have iphone get there email and I can't. Just wish there was a way around it.

[anon(252294)]

When I try to set it up it says "Cannot connect to mail server-Invalid server name". I have tried every possible combo of settings.

[AZBBFAN]

are you on BES? That is what it sounds like

[anon(252294)]

No I am on BIS. They have a BES server for the phones they give out.

[anon(252294)]

One thing i noticed was the Tour does not have the Enterprise activation option in the options. I had that option on my Curve. Is this not a BES capable phone?

[GlenB]

1fast72 - the first question is can you logon via the OWA web interface from the internet, i.e. outside the office? Second, verify that when you are logged in, the URL does not include the text cookieauth.dll as this implies that MS ISA server is in use and this causes BIS an issue.

[anon(252294)]

I can log in outside the office. When logged in it is https://owa.company.net/owa. When on the login screen there is a lot more after the owa i think there is a cookie.dll in there somewhere.

[idoacctg]

Is the word "exchange" in the string when you sign-in? I was having seem issue after my IT group did an upgrade.

What I did was log into mail via web once I connected I copied and pasted that url into the server address box when setting up the BIS account. Somehow the prior url quit working after the upgrade.

[GlenB]

Exchange 2003 uses the convention servername\exchange\mailboxname
Exchange 2007 uses the convention servername\owa\mailboxname though \exchange is normally configured to redirect to \exchange.

It is worth doing as idoacctg suggests and copying/pasting the URL from an OWA page into BIS to make sure you have it correct. But, if the URL contains cookieauth.dll it isnt going to work on BIS, as this will indicate that they have deployed MS ISA.

[anon(252294)]

Well copy and paste the url didn't work. The word cookie does not appear in the url but "auth" does. I am guessing they set up a ISA. I have looked it up and WinMo can get passed it and Blackberry can't.

Does anyone know of a way around it? Our IT dept. won't give me access to the BES on my personal device( don't want an IT policy on it anyway)and I would really like to have my email back. Any suggestions?

[ifly4fun]

Well copy and paste the url didn't work. The word cookie does not appear in the url but "auth" does. I am guessing they set up a ISA. I have looked it up and WinMo can get passed it and Blackberry can't.

Does anyone know of a way around it? Our IT dept. won't give me access to the BES on my personal device( don't want an IT policy on it anyway)and I would really like to have my email back. Any suggestions?

Do they allow POP?

[silly_walk]

One thing i noticed was the Tour does not have the Enterprise activation option in the options. I had that option on my Curve. Is this not a BES capable phone?

You should only see the option if your device is provisioned for BES by your provider.

[jonw757]

Well copy and paste the url didn't work. The word cookie does not appear in the url but "auth" does. I am guessing they set up a ISA. I have looked it up and WinMo can get passed it and Blackberry can't.

Does anyone know of a way around it? Our IT dept. won't give me access to the BES on my personal device( don't want an IT policy on it anyway)and I would really like to have my email back. Any suggestions?

Do you know if they have Outlook Anywhere setup? Or you can use blackberry desktop redirector from work. I setup redirector at home using Outlook Anywhere and it works fine.

[dpvone]

The only other way to get into your email is via POP as ifly4fun asked or imap4, and both of those defeat the purpose of having a Blackberry in the first place. Most larger companies I've consulted at don't allow work email on personal devices.

[KINetics]

KB02189

Cause

The Microsoft Outlook Web Access source server is using a Microsoft Internet Security and Acceleration (ISA) Server. This feature is causing the failure to validate.

To confirm that the Microsoft Outlook Web Access source server is using a Microsoft ISA Server, complete the following steps:

1. Go to the web address of the Microsoft Outlook Web Access account (for example, https://webmail.<url_name>.com/exchange).
2. The web address will change after redirection to the Microsoft Outlook Web Access login screen. If /CookieAuth.dll has been added to the web address, a Microsoft ISA Server is present.



Resolution

This is a previously reported issue that has been escalated internally to our development team. No resolution time frame is currently available.




How much pull do you have with your company IT?

If you can, there is a workaround that IT will need to implement. This was taken from another website. I have no pull with my IT so no go for me.

� Disable both your rules for OWA and BB phones.

� Create a new “Exchange Web Client Publishing Rule”.

� In the wizard choose Exchange 2007 and OWA.

� When asked how to connect to the web server choose SSL.

� On the next screen choose your internal site name (in your case is Exchange.hosting.local).

� Leave “Use a computer name or IP address....” unticked. Click next.

� Put your public name in the next screen of owa.exchange.com then click next.

� On the web listener page select or create a new web listener...

� The web listener must be configured as follows:

1. Authentication should be HTML form authentication and the validation method should be “Windows AD”. If you don’t have the ISA in the same domain we will have to do something else (later).

2. The Certificate should be your pub cert.

3. Authentication should be HTML form authentication and the validation method should be “Windows AD”. If you don’t have the ISA in the same domain we have to do something else (later).

4. The rest of the settings however you please.

� After selecting the web listener choose next then select NTLM authentication for delegation.

� For users leave the default of “All Authenticated Users”

� Complete the wizard.

� Now edit the rule manually by double clicking it.

� Click on the “To” tab and make sure your internal website name is in the first box. To test and make sure this works I would suggest trying to connect on this address from the ISA over HTTPS with OWA at the end. If this fails you need to fix this first. (Also if you have any trouble at any of point tell me the error and I may be able to assist). But at this point if ISA can’t resolve the internal site name it won’t work at all.

� Untick the box that says “forward the original host header....”

� Select the “Request appears to come from ISA Server” option.

� Click the Paths tab and add a new path of /EWS/*

� Click in the “application settings” tab and it should have the tickbox selected and “Exchange” in the first box. These were set by the wizard, leave them as they are but confirm these are set.

� DO NOT click test rule as it will fail at the moment, just ok the rule and close it. Apply your settings to the ISA.

[anon(252294)]

Well I have confirmed that they are using ISA 2006 and have found the KB bulletin on BB website. Now I am trying to redirect the email to my @carrier.BB.com email. Does anyone have the settings on how to do this? I have looked it up on Google and it doesn't work that way. Is this something IT can disable on the server or am I just doing it wrong.

[CanuckBB]

IT can, and usually does, disable global forwarding.

[anon(252294)]

Yep. Found that today. My IT dept doesn't give in much.

Posted from my CrackBerry at wapforums.crackberry.com

[miiike]

If they have disabled Global forwarding from the client side you could ask them to setup a contact card and forward your mailbox from A/D. Of course, they would have to like you, I wouldn't do it for most of my users, but it's worth a try.