Android 2.2 (FROYO) and Exchange connectivity issues.

At AIS, many of the development staff have become addicted to the Android based phone and their easy to configure and use MS Exchange active sync integration.  So when Verizon performed an OTA push of 2.2 (FROYO FRG01B) and all upgraded phones suddenly stopped synced with our Exchange server, moribund panic ensued.

The issue had to be fixed…. and fast! (lives were at stake here)

Overview
AIS is running

  • Microsoft Exchange 2007 (All patches current)
  • A client access server on the edge network (again, all patches current)
  • SSL certificate from a trusted authority

All in all, a plain vanilla Exchange setup.

Tools of the trade
If you have never used Microsoft’s Exchange Remote Connectivity Tool, you really need to spend some time and check it out!  This tool is a massive timesaver.

https://www.testexchangeconnectivity.com/Default.aspx

The Research
Firing up the Exchange Connectivity test website, we selected and performed the Exchange ActiveSync test.

image

And what do you know, an error appeared

Accept/Require client certificates were found. Set the IIS configuration to Ignore Client Certificates if you aren’t using this type of authentication.

A quick check of our autodiscover site showed the SSL setting are set to ignore

image

The Root Cause
After some research into the settings for all of the virtual directories installed as part of MS Exchange, we discovered the virtual directory Microsoft-Server-ActiveSync was set to “Accept”.  It appears Microsoft’s default install of the ActiveSync end point defaults to “Accept”.  With the new FRG01B build, the Android Exchange implementation does not play nicely with Client Certificates.  Nice!

The Fix
Set the Microsoft-Server-ActiveSync virtual directory’s SSL settings to “Ignore” client certificates via the following steps:

  1. Open Internet Information Services (IIS) Manager
  2. Open the website which contains the Microsoft-Server-ActiveSync virtual directory
    This is usually located in the Default Web Site
  3. Click on the Microsoft-Server-ActiveSync virtual directory
  4. In the center action panel, double click on SSL Setting icon
    image
  5. Click the “Ignore” Client Certificates radio button
    image
  6. Restart IIS
  7. Reset your Mail profile on your handset.

One thought on “Android 2.2 (FROYO) and Exchange connectivity issues.

  1. Android Application Development Gold Coast

    Great site, can anybody recommend a better IDE then Eclipse for programming against Android? Something like Visual Studio 2010 would be nice 🙂

Comments are closed.