Archive for the 'Mobile' Category

« Previous Entries

Make a Call through a Bluetooth Connection

Tuesday, February 19th, 2008

Unfortunately, I am tiring of my iPhone; mostly due to the slow network speed. Now that the iTouch has all the cool apps as the iPhone (Goole Maps being the most useful for me) I’d like to give up the phone capabilities but still want to make phone calls through Google Maps. It would be great to have an iTouch application (or any platform in general) that could place a call through a bluetooth-connected cell phone. This would give me most of the same functionality of the iPhone without the headaches of the AT&T network.

Posted in Mobile, OSI, iPhone | 1 Comment »

ActiveSync error 80072f0d - Invalid security certificate

Tuesday, September 12th, 2006

I had to replace my XV6700 and of course, it was a new version of WM5 and I did not want to use my backup from Sprite Backup to restore so I had to install from scratch. Unfortunately, I forgot to save my certificates and had issues syncing with ActiveSync.

My configuration is an Exchange 2003 server behind a Linux firewall and an Apache 2.2 front end to Exchange. I’m connecting using https on my XV6700 but when trying to sync with the server, I kept encountering “The security certificate on the server is invalid. Contact your Exchange Server administrator or ISP to install a valid certificate on the server. Support Code: 80072f0d”.

I know my certificate was valid because I generated it myself! It turns out that was the problem - I was not a trusted root authority. Sigh. But that is easily remedied!

To resolve this problem all I needed to do was install my self-created CA signing certificate on the Pocket PC / XV6700. Since I created it on my Linux server, I had to convert it into a form the WM5 understands, in this case a DER encoded binary X.509 certificate. This could be done by importing it into Internet Explorer and then exporting in that format or in a simpler one-step process from the command line:

openssl x509 -in ca.crt -out ca.cer -outform DER

Now, just copy the ca.cer file to the PPC and open it in File Explorer. It will ask you if I want to install the certificate issued by . Clicking yes will import the certificate (that can be view in the Certificates control panel under the Root tab).

Once installed, ActiveSync no longer complains about the certificate and merrily performs it job.

Whew. Easy solution but it certainly took a while to recall!

Posted in Mobile, WILT | 1 Comment »

SMS, YouTube and Zero Cost Advertising

Friday, September 1st, 2006

I’m not a marketing person, but while watching this video on YouTube about a girl toting her addiction to Starbucks really made me think about an interesting marketing medium.

Why not utilize a coupon system over SMS in addition to product placement or promotion to sell products on Internet distributed videos? There are some very bright and creative people out there creating free content for video. Why not entice them to advertise a product and make some money at the same time?

Here’s how it works, using this Starbucks Addict video as an example. Ann (the video’s author) publishes some incredibly witty and clever video that somehow draws thousands or hundreds of thousands of people to watch it. Part of the video advertises Starbucks and there is a coupon offer associated with the video for 10% (or whatever) off.

So far, pretty simple; now to mix in SMS. I saw an article about using your phone as your wallet recently and I put these two ideas together.

Extending the example: to entice both parties to deliver, a single-use coupon code is created that uniquely identifies the offer. A hash is generated that identifies the author of the video, transaction number and expiration date. Of course, the author needs to get a registration key from Starbucks that authorizes the coupon. If the viewer decides they want the coupon, it can be SMS’ed to their phone and stored there. When time comes to use it, the viewer enters the Starbucks and text messages the coupon code to the store which automatically registers the coupon code and credits the video author’s account and also issues the discount for the item. The credit could be a flat fee or a percentange of the item. Everybody wins. The author gets credit for their creative talents, the viewer gets a discount and the product company gets some free advertising. And as a freebie, this method also allows for establishing some excellent metrics by tracking the coupon codes.

This can all be done with existing technology and it would be quite simple to do.

Posted in Mobile, OSI | 1 Comment »

OWA & ActiveSync Woes

Friday, August 4th, 2006

Since switching to Fedora Core 5, and more precisely, Apache 2.2, I’ve been getting intermittent issues when trying to sync my WM5 device and also using OWA. For me, the solution was not to reinstall Outlook or to upgrade to ActiveSync 4.2; the problem is with the proxy server that front-ends the Exchange/IIS server. I’ve blogged about this issue before and even though the ActiveSync error codes are the same, the causes are different.

My environment is still the same as the previous posting with the exception of an Apache 2.2 front-end instead of the VPN tunnel. Here’s a link to setting up the Apache server. (NOTE: I’m not experiencing the same problems with a percent in the subject so I have not applied the workaround.)

The problem surfaced as errors during ActiveSync-ing. I would see an error code of 85010014. I discovered the real problems were with Apache returning 502 errors. The error logs were filled with lines of the following form:

[Wed Aug 02 14:58:38 2006] [error] [client 192.168.86.111] proxy: error reading status line from remote server
[Wed Aug 02 14:58:38 2006] [error] [client 192.168.86.111] proxy: Error reading from remote server returned by /Microsoft-Server-ActiveSync

I believe the error has to do with timeouts from HTTP KeepAlives and mod_proxy reading from a closed pipe/handle. I have adjusted the timeouts on both ends and still received the same errors. I even disabled HTTP KeepAlives on the IIS error: that resulted in a whole new problem: error code 85010016. As soon as I re-enabled the HTTP KeepAlives on the IIS error, the 85010016 error went away (no need to restart the IIS server). I've also tried the SetEnv proxy-nokeepalive 1 workaround and that did not solve my problem.

I realized I had a configuration problem when checking netstat results and looking at the packets from Ethereal (now Wireshark). Turns out I had an SSL connection to the apache server but a plain old HTTP (port 80) connection to the IIS server! By adjusting my ProxyPass parameters in httpd.conf to point to https, my 85010014 error has gone away and I no longer see the error messages in my httpd logs.

For reference, my entry in httpd.conf:

ServerName owa.backend.server
ServerAdmin hostmaster@backend.server

ErrorLog logs/owa_error_log
CustomLog logs/owa_access_log combined
LogLevel warn

SSLEngine on
SSLProxyEngine on
SSLProtocol +all
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLProxyProtocol SSLv3

SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key

RequestHeader set Front-End-Https “On”
#ProxyPreserveHost On

ProxyPass / https://owa.backend.server/
ProxyPassReverse / https://owa.backend.server/
ProxyPass /rpc https://owa.backend.server/rpc/
ProxyPassReverse /rpc https://owa.backend.server/rpc/
ProxyPass /exchange https://owa.backend.server/exchange/
ProxyPassReverse /exchange https://owa.backend.server/exchange/
ProxyPass /exchweb https://owa.backend.server/exchweb/
ProxyPassReverse /exchweb https://owa.backend.server/exchweb/
ProxyPass /public https://owa.backend.server/public/
ProxyPassReverse /public https://owa.backend.server/public/
ProxyPass /iisadmpwd https://owa.backend.server/iisadmpwd/
ProxyPassReverse /iisadmpwd https://owa.backend.server/iisadmpwd/
ProxyPass /exchange-oma https://owa.backend.server/exchange-oma/
ProxyPassReverse /exchange-oma https://owa.backend.server/exchange-oma/
ProxyPass /Microsoft-Server-ActiveSync https://owa.backend.server/Microsoft-Server-ActiveSync/
ProxyPassReverse /Microsoft-Server-ActiveSync https://owa.backend.server/Microsoft-Server-ActiveSync/

CacheDisable *


Order allow,deny
allow from all
RedirectMatch ^/$ /exchange


Posted in Mobile, WILT | No Comments »

Exchange, ActiveSync and my new Verizon XV6700

Monday, March 20th, 2006

Ugh. After two solid days of trying to sync my phone with Exchange, I finally was successful. Most of the time, I continued to get the dreaded 0×85010014 error message from ActiveSync - meaning a server error had occured. I have found a lot of sites that gave a lot of information about resolving this issue, but most of them were threads trying to solve the problem. Here is what I learned about getting this to work.

Players:

  • Small Business Server 2003 SP1
  • Exchange Server 2003 SP2 (single instance, no front-end/back-end combination)
  • ActiveSync 4.1
  • Verizon XV6700, Windows Mobile 5.0

Error messages:

  • On ActiveSync & XV6700: 0×85010014

Quicks of my configuration:

  • Multiple e-mail addresses: rick@domain1.com, rick@domain2.com, rickw@domain3.com …
  • My Default e-mail address policy does not match my domain name, but does match my default e-mail address.
  • Exchange server is hidden behind Linux firewall and front-ended with sendmail.
  • Using a VPN connection to communicate directly to the exchange server from remote.
  • I’m not using ISA or other firewall software on the Exchange box.
  • The exchange box is the same box as the domain controller.
  • This is a single instance Exchange server; there is no front-end/back-end.

Things I’ve read but don’t need to do or worry about:

  • Since this is a server-side problem, I don’t think it’s necessary to uninstall/reinstall Outlook and/or ActiveSync.
  • I didn’t need to add the MasSync\Parameters SMTPProxy string key to the registry since my default email address policy matches my default email address (Refer to Microsoft Knowledge Base Article 886346).
  • Hard-reset of the handheld wasn’t necessary and can’t imagine it would be, unless of course…

Helpful (and probably necessary):

  • Delete the mobile device from both ActiveSync on the PC and ActiveSync on WM5 and then re-add it on the PC.
  • Configure IIS to support both Kerberos and NTLM authentication. Refer to Microsoft Knowledge Base Article 215383 for details.
  • Installed the root certificate on the handheld, although not necessary if not using SSL. Refer to this thread on HowardForums (search for “not trusting your home-brew cert”) for details.
  • Don’t worry about certificates is not using SSL.
  • Make sure both /Exchange and /Exchange-OMA have the following authentication methods are enabled: Integrated Windows authentication, Basic authentication.
  • Create the /Exchange-OMA Virtual Directory. If it already exists, delete it and recreate it according to the instructions provided by Method 2 in the Microsoft Knowledge Base Article 817379. This is the step that ultimately made this work for me.

Issues:

  • Getting it to sync over VPN is a bit tricky. To make sure that the VPN is connected on WM5, but the server name in ActiveSync matches the certificate (if using SSL), an exception needs to be added on the Connections control applet (Settings–>Connections–>Connections–>Advanced) to tell WM5 to initiate the VPN connection for hosts ending with your domain, for example: *.yourdomain.com. This allows it to sync using SSL, both OTA (over the air) and through the USB connection.

Extremely useful:

Notes:

  • I often saw an error in my Application Event viewer (on the exchange server) for Source: Server ActiveSync, Event ID: 3031 about the mailbox server does not allow “Negotiate” authentication to its [/exchange-oma] virtual directory. This led me to configure IIS to support both Kerberos and NTLM authentication (as described above), although after doing so, I continued to see the error message. It finally went away when I recreated the /Exchange-OMA directory.

Next, I’ll configure it to work with an apache front end to eliminate the need for a VPN tunnel.

Posted in Mobile, WILT | 5 Comments »

« Previous Entries
stop spam with honeypot!