Ugh. After two solid days of trying to sync my phone with Exchange, I finally was successful. Most of the time, I continued to get the dreaded 0×85010014 error message from ActiveSync – meaning a server error had occured. I have found a lot of sites that gave a lot of information about resolving this issue, but most of them were threads trying to solve the problem. Here is what I learned about getting this to work.

Players:

• Small Business Server 2003 SP1
• Exchange Server 2003 SP2 (single instance, no front-end/back-end combination)
• ActiveSync 4.1
• Verizon XV6700, Windows Mobile 5.0

Error messages:

• On ActiveSync & XV6700: 0×85010014

Quicks of my configuration:

• Multiple e-mail addresses: rick@domain1.com, rick@domain2.com, rickw@domain3.com …
• My Default e-mail address policy does not match my domain name, but does match my default e-mail address.
• Exchange server is hidden behind Linux firewall and front-ended with sendmail.
• Using a VPN connection to communicate directly to the exchange server from remote.
• I’m not using ISA or other firewall software on the Exchange box.
• The exchange box is the same box as the domain controller.
• This is a single instance Exchange server; there is no front-end/back-end.

Things I’ve read but don’t need to do or worry about:

• Since this is a server-side problem, I don’t think it’s necessary to uninstall/reinstall Outlook and/or ActiveSync.
• I didn’t need to add the MasSync\Parameters SMTPProxy string key to the registry since my default email address policy matches my default email address (Refer to Microsoft Knowledge Base Article 886346).
• Hard-reset of the handheld wasn’t necessary and can’t imagine it would be, unless of course…

Helpful (and probably necessary):

• Delete the mobile device from both ActiveSync on the PC and ActiveSync on WM5 and then re-add it on the PC.
• Configure IIS to support both Kerberos and NTLM authentication. Refer to Microsoft Knowledge Base Article 215383 for details.
• Installed the root certificate on the handheld, although not necessary if not using SSL. Refer to this thread on HowardForums (search for “not trusting your home-brew cert”) for details.
• Don’t worry about certificates is not using SSL.
• Make sure both /Exchange and /Exchange-OMA have the following authentication methods are enabled: Integrated Windows authentication, Basic authentication.
• Create the /Exchange-OMA Virtual Directory. If it already exists, delete it and recreate it according to the instructions provided by Method 2 in the Microsoft Knowledge Base Article 817379. This is the step that ultimately made this work for me.

Issues:

• Getting it to sync over VPN is a bit tricky. To make sure that the VPN is connected on WM5, but the server name in ActiveSync matches the certificate (if using SSL), an exception needs to be added on the Connections control applet (Settings–>Connections–>Connections–>Advanced) to tell WM5 to initiate the VPN connection for hosts ending with your domain, for example: *.yourdomain.com. This allows it to sync using SSL, both OTA (over the air) and through the USB connection.

Extremely useful:

• This Microsoft download: Troubleshooting Microsoft Exchange 2003 ActiveSync. This MS Word document contains a lot of helpful steps to troubleshoot the ActiveSync installation.

Notes:

• I often saw an error in my Application Event viewer (on the exchange server) for Source: Server ActiveSync, Event ID: 3031 about the mailbox server does not allow “Negotiate” authentication to its [/exchange-oma] virtual directory. This led me to configure IIS to support both Kerberos and NTLM authentication (as described above), although after doing so, I continued to see the error message. It finally went away when I recreated the /Exchange-OMA directory.

Next, I’ll configure it to work with an apache front end to eliminate the need for a VPN tunnel.

I’ve often wondered why Moore’s Law for Software does not exist – the evolution of software has failed at keeping pace with the vast changes in hardware.

Could Open Source Software be the panacea for this dilemma?

Truly, even though OSS has been around for years (having participated in it myself in the late 80’s, early 90’s), it’s been only recently that it has been gaining traction.

Are applications the end-result for OSS? As the pool of OS applications have matured and have gained the attention of executives all over, certainly it’s cool, cost-effective and productive to bring OS applications in house.

But the same facts that make these applications serious alternatives at a business level seem to have a deeper meaning.

Software is getting better. And it is getting better faster.

Worldwide collaboration on software projects has necessitated better processes to produce applications that can compete with commercial offerings. And exposing the applications’ strengths and weakness in the form of releasing code to the developer community has served as a proven educational tool.

Through sharing of code and intellectual property, students of OSS now have access to a wealth of resources, and as contributions grow, revolutionary ideas will unfold.

The developers seem to be getting younger. And the code and processes more mature. And the surface area is growing exponentially. I believe we are about to see fundamental improvements in the kinds and quality of software – improvements that are no longer linear.

Here is an easy recipe that offers a wide range of latitude and still produces incredible results. What’s great about this is you know exactly what is in the cereal – none of those artificial colors and flavors nor any preservatives: all natural and all good.

Ingredients

• 3 cups oatmeal
• 1/3 cup honey
• 1/4 cup maple syrup
• 1/4 – 1/2 cup butter (melted)
• choice of add-ins: raisins, chopped nuts, …

Directions

• Preheat the oven to 350°F.
• Spray a thin coat of cooking spray onto a large, non-stick cookie sheet.
• In a large glass bowl, combine all ingredients with a spatula until well blended.
• Spread the mixture onto the cookie sheet, keeping the mixture uniform in height.
• Place the cookie sheet in the oven and bake at 350°F for about 20 minutes, or until the oats have developed a nice golden color. Be careful not to brown or burn.
• When finished cooking, remove the cookie sheet and let rest to cool. Upon removal, the mixture will be soft, but as it cools, it will dry out and become hard. Wait at least 1/2 hour for the mixture to cool completely.
• When completely cool, scrape under the cereal with a spatua, breaking up the cereal into bite-sized pieeces.

Enjoy your cereal. It’s wonderful plain and even better mixed in with some low-fat vanilla yogurt (in place of milk).

Don’t be afraid to be creative – substitue different types and quantities of sweeteners. I have enjoyed molasses in place of the maple syrup. I also enjoy mixing in golden raisins and chopped almonds; any crunchy mix-in should work well.

After booting, everything seems to be working well…well almost.

On my Verizon XV6600, the image is offset to the right (and maybe top) about 8 pixels, leaving a thick white line own the left hand side. I have yet to overcome that (help anyone?)

The other difficulty is in connecting via ssh using usbnet. The biggest tricks are to set a route to the device and, if using a firewall, make certain the appropriate rules are there to that the firewall does not get in the way. The other trick is getting the PDA to see the usb0 network.

Before connecting the device, do a tail -f /var/log/messages on the linux box to see if the PDA connects. When plugging in the USB cable to the linux box from the PDA, you should see something similar to the following in the messages log:

usb 2-2.1: new full speed USB device using uhci_hcd and address 40

(I actually see a few of these with error messages in between (device descriptor read/64, error -71).

If you don’t see anything when connecting, try one of the following:

- Restart the boot procedure with the USB cable plugged in.
- Unload the drivers, plug in the cable and then reload the drivers.

The following will unload the drivers; you must be in a root shell on the PDA.

When I do the rmmod/modprobe, I see the following in my messages log:

Also, lsusb on my linux box yields:

If the usb0 device disappears from the PDA, restart the network with the following command:

Now that the usbnet connection is there, I need to set up the network.
Again, the transcript I used to connect with ssh:

Unfortunately, this doesn’t always work the first time through. You may have to disconnect the USB cable and reconnect. Afterwards, you’ll need to do the ‘netstat -r’ command again. Then you may actually be able to do the ssh!

Finally, if you have a firewall installed, before you can ssh (or anything else), you’ll have to insert some rules. The ones I used are:

Not only does all this assume the IP address 192.168.0.205 on the Linux box and 192.168.0.206 on the PDA, it requires it. The distribution on the PDA downloaded from the link earlier (contained in gpe-ba.tar.bz) sets up the PDA with the 192.168.0.205 address.

Try the following from the ssh connection (assuming you used the -X flag):
root@blueangel:~# gpe-info

You’ll see the following…

Good luck and enjoy!

Here’s more on installing, to make it a bit easier:

First, download the files:

haret.exe
zImage-2.6.12
initrd-2.6.12-hh2.gz
startup.txt
autorun.exe
gpe-ba.tar.bz

Next, install according to the commands below. The autorun goes in the 2577 directory, most of the others go in the linux directory and the big gzipped gpe-ba gets untarred on the second partition.

That should be it. Plug it in to your Blueangel device and it should automatically load and boot into Linux. But make certain that you have backed up the contents of your PDA first! Running Linux on it completely wipes out the PDA. You’ll need to install from scratch after resetting.

And, I don’t believe this distribution allows the phone to be charged while using it, so be warned! You will have to reinstall. I’d recommend a full charge before doing this.