Mail for Exchange
(→Turning the logging ON) |
(→Sync with Google Mail / Google Calendar is broken. "Error in communication with Exchange Server" is displayed) |
||
(40 intermediate revisions not shown) | |||
Line 1: | Line 1: | ||
- | + | ''For general information on synchronizing your N900 with a mail or calendar server, please see the [[sync]] page'' | |
- | + | ||
- | ''For general | + | |
This page answers questions which are commonly asked by new N900 MfE users. | This page answers questions which are commonly asked by new N900 MfE users. | ||
It is mostly based on the analysis of the [http://talk.maemo.org/showthread.php?t=35136 MfE support thread.] | It is mostly based on the analysis of the [http://talk.maemo.org/showthread.php?t=35136 MfE support thread.] | ||
- | The current version of the page addresses | + | The current version of the page addresses three versions of MfE: |
- | * PR1.0, also known as "Sales release" (1.2009.42-11) | + | * [[Maemo 5/PR1.0|PR1.0]], also known as "Sales release" (1.2009.42-11) |
- | * PR1.1 (2.2009.51-1). [http://conversations.nokia.com/2010/01/14/nokia-n900-software-update-part-2/ | + | * [[Maemo 5/PR1.1|PR1.1]] (2.2009.51-1). [http://conversations.nokia.com/2010/01/14/nokia-n900-software-update-part-2/ PR1.1 firmware update] |
+ | * [[Maemo_5/PR1.1.1|PR1.1.1]] (3.2010.02-8) | ||
See [[#How can I check what version of the software is installed in my N900?|How can I check what version of the software is installed in my N900?]] for steps to check what version of the software is installed in your device. | See [[#How can I check what version of the software is installed in my N900?|How can I check what version of the software is installed in my N900?]] for steps to check what version of the software is installed in your device. | ||
- | If you use PR1.0 (sales release) it is strongly advised to update to PR1.1. | + | If you use PR1.0 (sales release) it is strongly advised to update to PR1.1.1 |
- | See [ | + | See [[Maemo_5/PR1.1.1|PR1.1.1 summary]] for additional details and update instructions. |
== Compatibility == | == Compatibility == | ||
- | === | + | === Which server versions are supported by N900 MfE client? === |
==== PR 1.0 ==== | ==== PR 1.0 ==== | ||
Line 24: | Line 23: | ||
Microsoft Exchange 2007 with service packs on top. MS Exchange 2010 also works fine according to [http://talk.maemo.org/showthread.php?t=34981 users reports.] | Microsoft Exchange 2007 with service packs on top. MS Exchange 2010 also works fine according to [http://talk.maemo.org/showthread.php?t=34981 users reports.] | ||
- | In more technical terms, only EAS protocol 12.1 is supported and implementation is tested against MS Exchange 2007 servers. See [[#How can I check what versions of EAS protocol are supported by my server? |How can I check what versions of EAS protocol are supported by my server? ]] to check what EAS protocols are supported by your server. | + | In more technical terms, only EAS protocol 12.1 is supported and implementation is tested against MS Exchange 2007 servers. See [[#How can I check what versions of EAS protocol are supported by my server?|How can I check what versions of EAS protocol are supported by my server?]] to check what EAS protocols are supported by your server. |
- | ==== PR 1.1 ==== | + | ==== PR 1.1 and PR 1.1.1 ==== |
* Microsoft Exchange 2007 with and without service packs on top. MS Exchange 2010 also works fine according to [http://talk.maemo.org/showthread.php?t=34981 users reports.] | * Microsoft Exchange 2007 with and without service packs on top. MS Exchange 2010 also works fine according to [http://talk.maemo.org/showthread.php?t=34981 users reports.] | ||
* Microsoft Exchange 2003. | * Microsoft Exchange 2003. | ||
- | In more technical terms, EAS protocols 2.5, 12.0 and 12.1 are supported and implementation is tested against MS Exchange 2003 and 2007 servers. See [[#How can I check what versions of EAS protocol are supported by my server? |How can I check what versions of EAS protocol are supported by my server? ]] to check what EAS protocols are supported by your server. | + | In more technical terms, EAS protocols 2.5, 12.0 and 12.1 are supported and implementation is tested against MS Exchange 2003 and 2007 servers. See [[#How can I check what versions of EAS protocol are supported by my server?|How can I check what versions of EAS protocol are supported by my server?]] to check what EAS protocols are supported by your server. |
- | === | + | === Which server versions are NOT supported by N900 MfE client? === |
==== PR 1.0 ==== | ==== PR 1.0 ==== | ||
+ | |||
* Microsoft Exchange 2003 is not supported. | * Microsoft Exchange 2003 is not supported. | ||
* Microsoft Exchange 2007 without service packs is not supported. | * Microsoft Exchange 2007 without service packs is not supported. | ||
Line 41: | Line 41: | ||
The only way to get MfE working with these servers is to install PR.1.1 update which is [[#How can I check what version of the software is installed in my N900?|highly recommended.]] | The only way to get MfE working with these servers is to install PR.1.1 update which is [[#How can I check what version of the software is installed in my N900?|highly recommended.]] | ||
- | ==== PR 1.1 ==== | + | ==== PR 1.1 and PR 1.1.1 ==== |
- | * All non-MS services, although there has been [[Sync#Synchronising with Google | reported success]] synchronizing with Google and other non-MS services. | + | |
+ | * All non-MS services, although there has been [[Sync#Synchronising with Google|reported success]] synchronizing with Google and other non-MS services. | ||
=== Why is feature XXX present in MfE for S60 but not for the N900? === | === Why is feature XXX present in MfE for S60 but not for the N900? === | ||
Line 50: | Line 51: | ||
The table below tries to summarize the most important differences between S60 and Maemo MfE implementations. | The table below tries to summarize the most important differences between S60 and Maemo MfE implementations. | ||
- | {| class="wikitable" | + | {| class="wikitable" |
+ | |+ Maemo and S60 MfE feature summary | ||
|- | |- | ||
- | ! | + | ! Feature |
- | ! | + | ! S60 status |
- | ! | + | ! Maemo status |
|- | |- | ||
- | | | + | | ''E-Mail'' |
- | | | + | | YES, subfolders are not synced |
- | | | + | | YES, subfolders are synced |
|- | |- | ||
- | | | + | | ''Calendar'' |
- | | | + | | YES |
- | | | + | | YES |
|- | |- | ||
| ''Tasks'' | | ''Tasks'' | ||
- | | | + | | YES |
- | | | + | | YES |
|- | |- | ||
| ''Notes'' | | ''Notes'' | ||
- | | | + | | ? |
- | | | + | | NO |
|- | |- | ||
| ''Meeting invitations replying'' | | ''Meeting invitations replying'' | ||
- | | | + | | YES |
- | | | + | | NO |
|- | |- | ||
| ''Private appointments'' | | ''Private appointments'' | ||
- | | | + | | YES |
- | | | + | | NO |
|- | |- | ||
| ''Corporate address book (GAL)'' | | ''Corporate address book (GAL)'' | ||
- | | | + | | YES |
- | | | + | | YES (*) |
|- | |- | ||
| ''Exchange servers support'' | | ''Exchange servers support'' | ||
- | | | + | | 2003, 2007 |
- | | | + | | 2003, 2007 |
|- | |- | ||
| ''Autodiscover'' | | ''Autodiscover'' | ||
- | | | + | | YES |
- | | | + | | YES |
|- | |- | ||
| ''Provisioning support'' | | ''Provisioning support'' | ||
| Partly YES | | Partly YES | ||
| NO | | NO | ||
- | |||
|} | |} | ||
- | (*) This feature is supported in PR1.1 | + | (*) This feature is supported in PR1.1 and PR1.1.1 releases but not in PR1.0 (sales release). |
- | Lack of provisioning support in MfE for the N900 is the most common cause of problems with corporate Exchange servers in North America. | + | Lack of provisioning support in MfE for the N900 is the most common cause of problems with corporate Exchange servers in North America. See [[#Provisioning|Provisioning]] for additional details. |
== Known issues == | == Known issues == | ||
Line 108: | Line 109: | ||
N900 is considered to be "non provisioning device" from Exchange server point of view. It basically means that it can not be managed from Exchange server - administrator can not wipe your device, request you to use autolock and so on. Basically, all the provisioning data received from the server is ignored and the server is informed that N900 MfE does not support this feature. | N900 is considered to be "non provisioning device" from Exchange server point of view. It basically means that it can not be managed from Exchange server - administrator can not wipe your device, request you to use autolock and so on. Basically, all the provisioning data received from the server is ignored and the server is informed that N900 MfE does not support this feature. | ||
- | Exchange administrator can configure the server in | + | Exchange administrator can configure the server in two ways - he/she can allow to use non-provisioning devices or disallow. In the second case N900 MfE will not work as server will reject the connection. |
[http://talk.maemo.org/showpost.php?p=350081&postcount=33 Post with Exchange server 2003 management console] | [http://talk.maemo.org/showpost.php?p=350081&postcount=33 Post with Exchange server 2003 management console] | ||
- | === GAL support for Exchange 2003 === | + | === GAL support for Exchange 2003 in PR1.1 release === |
==== PR 1.1 ==== | ==== PR 1.1 ==== | ||
- | Corporate phone book support is broken for PR 1.1 release. | + | |
+ | Corporate phone book support is broken for PR 1.1 release. Update to PR1.1.1 or later releases of the software. It is broken only in PR1.1 release and only for Exchange 2003 servers (in more technical terms, for the EAS protocol 2.5). | ||
=== SSL-related errors === | === SSL-related errors === | ||
Line 121: | Line 123: | ||
The error message is displayed "Exchange server requires secure connection or account is disabled". | The error message is displayed "Exchange server requires secure connection or account is disabled". | ||
- | This infamous error message is caused by the fact that server certificate is untrusted from Maemo MfE client | + | This infamous error message is caused by the fact that server certificate is untrusted from Maemo MfE client point of view. |
Possible root causes and workarounds: | Possible root causes and workarounds: | ||
Line 131: | Line 133: | ||
Keep in mind - self-signed certificate shall have "CA" field. Otherwise, N900 certificate manager will not allow to install it. [http://talk.maemo.org/showpost.php?p=474320&postcount=871 This message] tells how to check does certificate has "CA" field or not. | Keep in mind - self-signed certificate shall have "CA" field. Otherwise, N900 certificate manager will not allow to install it. [http://talk.maemo.org/showpost.php?p=474320&postcount=871 This message] tells how to check does certificate has "CA" field or not. | ||
- | Unfortunately, there is no way to disable certificates check at the client side in the current MfE releases (both PR1.0 and PR1.1). | + | Unfortunately, there is no way to disable certificates check at the client side in the current MfE releases (both PR1.0 and PR1.1/PR1.1.1). |
==== PR1.0 ==== | ==== PR1.0 ==== | ||
Line 137: | Line 139: | ||
Disclaimer: | Disclaimer: | ||
- | ''The content of this section is applicable only for sales release (PR1.0). If you use this release, it is [[#How can I check what version of the software is installed in my N900?|highly recommended]] to upgrade the software to PR1.1 instead of following the advices below.'' | + | ''The content of this section is applicable only for sales release (PR1.0). If you use this release, it is [[#How can I check what version of the software is installed in my N900?|highly recommended]] to upgrade the software to PR1.1 or later releases instead of following the advices below.'' |
* [http://talk.maemo.org/showpost.php?p=422732&postcount=312 Another important hint about importing certificates.] | * [http://talk.maemo.org/showpost.php?p=422732&postcount=312 Another important hint about importing certificates.] | ||
* Server certificate is valid and trusted but MfE fails to sync. Check [https://bugs.maemo.org/show_bug.cgi?id=7357 this bug.] | * Server certificate is valid and trusted but MfE fails to sync. Check [https://bugs.maemo.org/show_bug.cgi?id=7357 this bug.] | ||
+ | |||
+ | === HTML Messages === | ||
+ | |||
+ | If you are using Exchange 2003 HTML messages will show as plain text. This is due to limitations of the ActiveSync protocol in this version of Exchange. The only way to get HTML support is to upgrade your server to Exchange 2007. | ||
+ | |||
+ | === Sync with Exchange 2003 is broken. "Error in communication with Exchange Server" is displayed=== | ||
+ | |||
+ | [http://talk.maemo.org/showpost.php?p=520334&postcount=1152 Problem statement.] Occurs only in PR1.1 and PR1.1.1 releases of the software. | ||
+ | |||
+ | This bug is fixed in the releases of the software later than PR.1.1.1. | ||
+ | |||
+ | The workaround is [[#How can I disable the synchronization of specific folders ?|to use mfefolders application]] and disable synchronization of "Deleted Items" folder. | ||
+ | |||
+ | === Sync with Google Mail / Google Calendar is broken. "Error in communication with Exchange Server" is displayed=== | ||
+ | <s>There is a work-around which works for some people, but not all: [http://talk.maemo.org/showpost.php?p=1219009&postcount=1554]</s> | ||
+ | |||
+ | The solution is to upgrade libcurl3 to the version in extras-devel, see: [http://talk.maemo.org/showpost.php?p=1219479&postcount=1558] | ||
== Troubleshooting == | == Troubleshooting == | ||
Line 153: | Line 172: | ||
Versions strings versus releases: | Versions strings versus releases: | ||
- | {| class="wikitable" | + | {| class="wikitable" |
+ | |+ N900 firmware versions and releases | ||
|- | |- | ||
- | ! | + | ! Version |
- | ! | + | ! Release |
|- | |- | ||
- | | | + | | 1.2009.42-11 |
- | | | + | | PR 1.0 (sales) |
|- | |- | ||
- | | | + | | 2.2009.51-1 |
- | | | + | | PR 1.1 |
|- | |- | ||
+ | | 3.2010.02-8 | ||
+ | | PR 1.1.1 | ||
+ | |- | ||
+ | | 10.2010.19-1 | ||
+ | | PR 1.2 | ||
|} | |} | ||
- | + | If you do not use the latest version it is strongly advised to update to PR1.2. | |
- | If you use | + | See [[Maemo 5/PR1.2|PR1.2 summary]] for additional details and update instructions. |
- | See [ | + | |
=== How can I check what versions of EAS protocol are supported by my server? === | === How can I check what versions of EAS protocol are supported by my server? === | ||
- | # | + | # Take the logs following the steps described in the section [[#How can I turn the logging ON or OFF?|How can I turn the logging ON or OFF?]] |
- | # | + | # Grep (search) for "MS-ASProtocolVersions:" in the logs. It will contain the EAS protocol versions supported by your server. |
=== How can I turn the logging ON or OFF? === | === How can I turn the logging ON or OFF? === | ||
+ | |||
Warning: | Warning: | ||
''Before sending the logs to somebody (including Nokia) or publishing them, check that the log files do not contain any data which you treat as private or confidentional!'' | ''Before sending the logs to somebody (including Nokia) or publishing them, check that the log files do not contain any data which you treat as private or confidentional!'' | ||
- | |||
==== Turning the logging ON ==== | ==== Turning the logging ON ==== | ||
- | + | <ol> | |
- | + | <li> | |
- | + | [[Documentation/devtools/maemo5/syslog|Install syslog]] and reboot the device | |
- | + | </li> | |
- | + | <li> | |
- | + | open terminal | |
- | + | </li> | |
- | + | <li> | |
- | + | Execute the command:<pre>sudo gainroot</pre> | |
- | + | </li> | |
- | + | <li> | |
- | + | Execute the command:<pre>cat /dev/null > /var/log/syslog</pre> | |
- | + | Why? This will just clear your current syslog file. This step should be considered optional and not recommended. | |
+ | </li> | ||
+ | <li> | ||
+ | Execute the following commands: | ||
+ | <pre> | ||
+ | gconftool-2 -s --type=int /apps/activesync/AsDaemon/Syslog/MinLogLevel 0 | ||
+ | gconftool-2 -s --type=int /apps/activesync/modest/Syslog/MinLogLevel 0 | ||
+ | gconftool-2 -s --type=int /apps/activesync/AsProvider/Syslog/MinLogLevel 0 | ||
+ | gconftool-2 -s --type=int /apps/activesync/AsBackup/Syslog/MinLogLevel 0 | ||
+ | gconftool-2 -s --type=int /apps/activesync/asapplet/Syslog/MinLogLevel 0 | ||
+ | gconftool-2 -s --type=int /apps/activesync/AsStatusApplet/Syslog/MinLogLevel 0 | ||
+ | </pre> | ||
+ | </li> | ||
+ | <li> | ||
+ | Reboot the device | ||
+ | </li> | ||
+ | <li> | ||
+ | Initiate the synchronization session | ||
+ | </li> | ||
+ | </ol> | ||
- | + | <code>/var/log/syslog</code> will contain the logs. In order to filter only activesync-specific logs the following command can be used: | |
- | + | grep activesync /var/log/syslog | |
In order to copy the activesync log to your computer follow the steps below: | In order to copy the activesync log to your computer follow the steps below: | ||
Line 205: | Line 248: | ||
# Make sure your N900 is not connected to any other device (including your desktop computer) through USB | # Make sure your N900 is not connected to any other device (including your desktop computer) through USB | ||
# Open xterm (if it is not opened yet) | # Open xterm (if it is not opened yet) | ||
- | # Issue the command | + | # Issue the command:<pre>sudo gainroot</pre>(if it was not issued yet) |
- | # Issue the command: | + | # Issue the command:<pre>grep activesync /var/log/syslog > /home/user/MyDocs/activesync.log</pre> |
# Close xterm | # Close xterm | ||
# Connect your N900 to the computer through USB | # Connect your N900 to the computer through USB | ||
Line 219: | Line 262: | ||
In order to turn the logs OFF, execute the following commands from xterm: | In order to turn the logs OFF, execute the following commands from xterm: | ||
- | + | <pre> | |
- | + | gconftool-2 -u /apps/activesync/AsDaemon/Syslog/MinLogLevel | |
- | + | gconftool-2 -u /apps/activesync/modest/Syslog/MinLogLevel | |
- | + | gconftool-2 -u /apps/activesync/AsProvider/Syslog/MinLogLevel | |
- | + | gconftool-2 -u /apps/activesync/AsBackup/Syslog/MinLogLevel | |
- | + | gconftool-2 -u /apps/activesync/asapplet/Syslog/MinLogLevel | |
+ | gconftool-2 -u /apps/activesync/AsStatusApplet/Syslog/MinLogLevel | ||
+ | </pre> | ||
After device reboot the logs will not be collected. | After device reboot the logs will not be collected. | ||
Line 232: | Line 277: | ||
There is the extended logging option for getting logged all data which are transmitted and received by ActiveSync protocol. This option requires as-daemon logging to be turned on as described above. Then, as-daemon process needs to receive USR2 signal. This also can be done from a device console: | There is the extended logging option for getting logged all data which are transmitted and received by ActiveSync protocol. This option requires as-daemon logging to be turned on as described above. Then, as-daemon process needs to receive USR2 signal. This also can be done from a device console: | ||
- | + | $ ps ax | grep as-daemon | |
This command will produce output like this: | This command will produce output like this: | ||
- | + | 1503 user 25756 S /usr/sbin/as-daemon -D --pidfile=/var/lock/as-daemon | |
where 1503 is the <pid> value needed for the next command. The next command is kill -USR2 <pid>, so for this case, it is: | where 1503 is the <pid> value needed for the next command. The next command is kill -USR2 <pid>, so for this case, it is: | ||
- | + | $ kill -USR2 1503 | |
After that, extended logging is turned on and ready to be used. This option does not survive over reboots. It can be turned off by sending the same kill -USR2 <pid> command again. | After that, extended logging is turned on and ready to be used. This option does not survive over reboots. It can be turned off by sending the same kill -USR2 <pid> command again. | ||
Line 250: | Line 295: | ||
=== Pre-setting EAS protocol to be used on sync/ disable auto-negotiation === | === Pre-setting EAS protocol to be used on sync/ disable auto-negotiation === | ||
- | In certain scenarios it might be useful to disable MfE's built in auto-negotiation function on what sync protocol (EAS 2.5, 12.0 or 12.1) to be used during syncs and use a pre-defined default one instead. Some users report error messages/ fails in sync when trying to establish a connection with e.g. a Scalix Groupware server. For the time being (until solved on either side) a workaround has been established by presetting the sync protocol to EAS 2.5 manually. Scalix Groupware Server with Scalix-AS-1.0.2-addon has been reported working with EAS 2.5 on basic sync (calendar, contacts and email). | + | In certain scenarios it might be useful to disable MfE's built in auto-negotiation function on what sync protocol (EAS 2.5, 12.0 or 12.1) to be used during syncs and use a pre-defined default one instead. Some users report error messages/ fails in sync when trying to establish a connection with e.g. a Scalix Groupware server. For the time being (until solved on either side) a workaround has been established by presetting the sync protocol to EAS 2.5 manually. Scalix Groupware Server with Scalix-AS-1.0.2-addon has been reported working with EAS 2.5 on basic sync (calendar, contacts and email). Before forcing MfE to use a specific protocol version make sure it is supported on the server-side. |
- | Before forcing MfE to use a specific protocol version make sure it is supported on the server-side. | + | |
To force MfE to use a particular protocol follow these steps: | To force MfE to use a particular protocol follow these steps: | ||
- | + | <ol> | |
- | + | <li> | |
- | + | Start MfE configuration wizard entering the credentials on the first page and press "next". Do not enter the server address on page 2 yet! | |
- | + | </li> | |
- | + | <li> | |
- | + | Open xterm and execute:<pre>sudo gainroot</pre> | |
+ | </li> | ||
+ | <li> | ||
+ | Execute the following commands: | ||
+ | <pre> | ||
+ | gconftool-2 -s --type=string /apps/activesync/ActiveSyncAccount1/use_version 2.5 | ||
+ | gconftool-2 -s --type=string /apps/activesync/ActiveSyncAccount1Temp/use_version 2.5 | ||
+ | </pre> | ||
+ | </li> | ||
+ | <li> | ||
+ | Now continue MfE setup wizard and enter server address. Click next and follow the procedure to finish the wizard. | ||
+ | </li> | ||
+ | </ol> | ||
+ | To check whether your changes have succesfully been submitted make sure you have [[Documentation/devtools/maemo5/syslog|syslog]] installed and type in xterm: | ||
- | + | sudo gainroot tail -f /var/log/syslog | grep "Created factory" | |
- | + | ||
- | + | ||
There won't be a output right away but when | There won't be a output right away but when | ||
Line 273: | Line 328: | ||
* Wizard setup completed | * Wizard setup completed | ||
- | you should be able to see *Created factory for version 2.5* on the terminal. | + | you should be able to see *Created factory for version 2.5* on the terminal. Pressing Ctrl+C will bring you back to the shell. |
- | Pressing Ctrl+C will bring you back to the shell. | + | |
- | + | ||
To disable the preset/ return to auto-negotiation it is recommended to delete the MfE-account and create a new one with the wizard from scratch. | To disable the preset/ return to auto-negotiation it is recommended to delete the MfE-account and create a new one with the wizard from scratch. | ||
- | + | Of course the above described way will also let you set EAS 12.0 or 12.1 as default protocols. Simply change the values of <code>use_version</code> in the respective gconftool commands. | |
- | Of course the above described way will also let you set EAS 12.0 or 12.1 as default protocols. Simply change the values | + | |
=== Debugging possible certificate errors on self-signed certificates === | === Debugging possible certificate errors on self-signed certificates === | ||
Line 292: | Line 344: | ||
Please open terminal and type: | Please open terminal and type: | ||
- | + | cmcli -T common-ca -v <your-server-dns-name-or-ip-address>:<port-number> | |
- | to check with one of the 118 pre-installed certificate authorities | + | |
- | or | + | to check with one of the 118 pre-installed certificate authorities or: |
- | + | ||
+ | cmcli -t ssl-ca -v <your-server-dns-name-or-ip-address>:<port-number> | ||
+ | |||
when the chain of trust ends with a user-installed certificate. To be on the safe side, you can actually use both at the same time: | when the chain of trust ends with a user-installed certificate. To be on the safe side, you can actually use both at the same time: | ||
- | |||
+ | cmcli -T common-ca -t ssl-ca -v <your-server-dns-name-or-ip-address>:<port-number> | ||
The missing tags have to be replaced with your personal server-address and respective port number (mostly 443 on SSL connections). | The missing tags have to be replaced with your personal server-address and respective port number (mostly 443 on SSL connections). | ||
- | |||
For instance: cmcli -T common-ca -v localhost:443 | For instance: cmcli -T common-ca -v localhost:443 | ||
- | |||
The output should read something like this: | The output should read something like this: | ||
Line 321: | Line 373: | ||
If the verification fails and you want to see why, you can save the certificates the server sends by giving also the -s switch at the command line. Like this: | If the verification fails and you want to see why, you can save the certificates the server sends by giving also the -s switch at the command line. Like this: | ||
- | + | cmcli -T common-ca -sv <your-servers-dns-name-or-ip-address>:<port-number> | |
This will make the command to write the server certificates and possibly sent intermediate CA certificates into file(s) with the .pem-extension, where the name of each file is the SHA1 hash of the public key in hexadecimal. You can then study these file for instance with the command | This will make the command to write the server certificates and possibly sent intermediate CA certificates into file(s) with the .pem-extension, where the name of each file is the SHA1 hash of the public key in hexadecimal. You can then study these file for instance with the command | ||
- | + | openssl x509 -text -in <certificate-file> | |
== Miscellaneous == | == Miscellaneous == | ||
Line 331: | Line 383: | ||
=== How can I use my corporate address book (GAL) ? === | === How can I use my corporate address book (GAL) ? === | ||
- | At first, [[#How can I check what version of the software is installed in my N900?|check that you use PR1.1 or later release of the software.]] | + | At first, [[#How can I check what version of the software is installed in my N900?|check that you use PR1.1 or later release of the software.]] If you use the release prior to PR1.1.1 check also [[#PR_1.1_3|the known problem of pre-PR1.1.1. Exchange 2003]] implementation. |
- | |||
It is possible to search for a contact in your corporate address book using "Contacts" application. | It is possible to search for a contact in your corporate address book using "Contacts" application. | ||
Follow these steps to add the contact from your corporate address book to the N900 address book: | Follow these steps to add the contact from your corporate address book to the N900 address book: | ||
- | + | # Open "Contacts" application | |
- | + | # Select "Get Contacts" option from the menu | |
- | + | # Choose "Import Mail Exch. contacts" option | |
- | + | ## Type parts of the first or last name | |
+ | ## Press "Search" | ||
+ | ## Select contact from the results. (If the results are not sufficient press outside the window to return in step 1) | ||
+ | ## Press "Import" | ||
+ | |||
+ | === How can I disable the synchronization of specific folders ? === | ||
+ | |||
+ | Nokia does not provide the software for selecting the server folders which are synced to device. However, community does. Use [http://mfefolders.garage.maemo.org/ mfefolders] application to disable/enable synchronization of specific folders and assign them the names you wish to see in N900 mail client! | ||
+ | |||
+ | === How do I synchronize mail for exchange from the command line ? === | ||
+ | |||
+ | Open xterminal and type the following dbus command (note, I am not sure of the difference between <code>fullSync</code> and <code>sync</code>. I thought sync was safer so that is what I used and it seemed to work.): | ||
+ | |||
+ | dbus-send --print-reply --type=method_call --session --dest=com.nokia.asdbus /com/nokia/asdbus com.nokia.asdbus.<option> | ||
+ | |||
+ | <option> can be: | ||
+ | * <code>fullSync</code>, | ||
+ | * <code>sync</code>, | ||
+ | * <code>syncEmail</code> or | ||
+ | * <code>stopSync</code> | ||
[[Category:HowTo]] | [[Category:HowTo]] | ||
[[Category:Software]] | [[Category:Software]] | ||
[[Category:Power users]] | [[Category:Power users]] |
Latest revision as of 14:32, 26 February 2013
For general information on synchronizing your N900 with a mail or calendar server, please see the sync page
This page answers questions which are commonly asked by new N900 MfE users. It is mostly based on the analysis of the MfE support thread.
The current version of the page addresses three versions of MfE:
- PR1.0, also known as "Sales release" (1.2009.42-11)
- PR1.1 (2.2009.51-1). PR1.1 firmware update
- PR1.1.1 (3.2010.02-8)
See How can I check what version of the software is installed in my N900? for steps to check what version of the software is installed in your device.
If you use PR1.0 (sales release) it is strongly advised to update to PR1.1.1 See PR1.1.1 summary for additional details and update instructions.
[edit] Compatibility
[edit] Which server versions are supported by N900 MfE client?
[edit] PR 1.0
Microsoft Exchange 2007 with service packs on top. MS Exchange 2010 also works fine according to users reports.
In more technical terms, only EAS protocol 12.1 is supported and implementation is tested against MS Exchange 2007 servers. See How can I check what versions of EAS protocol are supported by my server? to check what EAS protocols are supported by your server.
[edit] PR 1.1 and PR 1.1.1
- Microsoft Exchange 2007 with and without service packs on top. MS Exchange 2010 also works fine according to users reports.
- Microsoft Exchange 2003.
In more technical terms, EAS protocols 2.5, 12.0 and 12.1 are supported and implementation is tested against MS Exchange 2003 and 2007 servers. See How can I check what versions of EAS protocol are supported by my server? to check what EAS protocols are supported by your server.
[edit] Which server versions are NOT supported by N900 MfE client?
[edit] PR 1.0
- Microsoft Exchange 2003 is not supported.
- Microsoft Exchange 2007 without service packs is not supported.
The only way to get MfE working with these servers is to install PR.1.1 update which is highly recommended.
[edit] PR 1.1 and PR 1.1.1
- All non-MS services, although there has been reported success synchronizing with Google and other non-MS services.
[edit] Why is feature XXX present in MfE for S60 but not for the N900?
S60 and Maemo MfE are different implementations.
The table below tries to summarize the most important differences between S60 and Maemo MfE implementations.
Feature | S60 status | Maemo status |
---|---|---|
YES, subfolders are not synced | YES, subfolders are synced | |
Calendar | YES | YES |
Tasks | YES | YES |
Notes | ? | NO |
Meeting invitations replying | YES | NO |
Private appointments | YES | NO |
Corporate address book (GAL) | YES | YES (*) |
Exchange servers support | 2003, 2007 | 2003, 2007 |
Autodiscover | YES | YES |
Provisioning support | Partly YES | NO |
(*) This feature is supported in PR1.1 and PR1.1.1 releases but not in PR1.0 (sales release).
Lack of provisioning support in MfE for the N900 is the most common cause of problems with corporate Exchange servers in North America. See Provisioning for additional details.
[edit] Known issues
[edit] Provisioning
N900 is considered to be "non provisioning device" from Exchange server point of view. It basically means that it can not be managed from Exchange server - administrator can not wipe your device, request you to use autolock and so on. Basically, all the provisioning data received from the server is ignored and the server is informed that N900 MfE does not support this feature.
Exchange administrator can configure the server in two ways - he/she can allow to use non-provisioning devices or disallow. In the second case N900 MfE will not work as server will reject the connection.
Post with Exchange server 2003 management console
[edit] GAL support for Exchange 2003 in PR1.1 release
[edit] PR 1.1
Corporate phone book support is broken for PR 1.1 release. Update to PR1.1.1 or later releases of the software. It is broken only in PR1.1 release and only for Exchange 2003 servers (in more technical terms, for the EAS protocol 2.5).
[edit] SSL-related errors
The error message is displayed "Exchange server requires secure connection or account is disabled".
This infamous error message is caused by the fact that server certificate is untrusted from Maemo MfE client point of view.
Possible root causes and workarounds:
[edit] Server certificate is either self-signed or signed by the non-trusted authority (root certificate is not visible in N900 "Certificates" application).
In this case, the server certificate shall be added to N900 certificate storage. Check this message and the thread after it for additional details.
Keep in mind - self-signed certificate shall have "CA" field. Otherwise, N900 certificate manager will not allow to install it. This message tells how to check does certificate has "CA" field or not.
Unfortunately, there is no way to disable certificates check at the client side in the current MfE releases (both PR1.0 and PR1.1/PR1.1.1).
[edit] PR1.0
Disclaimer:
The content of this section is applicable only for sales release (PR1.0). If you use this release, it is highly recommended to upgrade the software to PR1.1 or later releases instead of following the advices below.
- Another important hint about importing certificates.
- Server certificate is valid and trusted but MfE fails to sync. Check this bug.
[edit] HTML Messages
If you are using Exchange 2003 HTML messages will show as plain text. This is due to limitations of the ActiveSync protocol in this version of Exchange. The only way to get HTML support is to upgrade your server to Exchange 2007.
[edit] Sync with Exchange 2003 is broken. "Error in communication with Exchange Server" is displayed
Problem statement. Occurs only in PR1.1 and PR1.1.1 releases of the software.
This bug is fixed in the releases of the software later than PR.1.1.1.
The workaround is to use mfefolders application and disable synchronization of "Deleted Items" folder.
[edit] Sync with Google Mail / Google Calendar is broken. "Error in communication with Exchange Server" is displayed
There is a work-around which works for some people, but not all: [1]
The solution is to upgrade libcurl3 to the version in extras-devel, see: [2]
[edit] Troubleshooting
[edit] How can I check what version of the software is installed in my N900?
- Open "Settings" view
- Scroll to the "General" section
- Open "About product" applet
- Check the "Version" string
Versions strings versus releases:
Version | Release |
---|---|
1.2009.42-11 | PR 1.0 (sales) |
2.2009.51-1 | PR 1.1 |
3.2010.02-8 | PR 1.1.1 |
10.2010.19-1 | PR 1.2 |
If you do not use the latest version it is strongly advised to update to PR1.2. See PR1.2 summary for additional details and update instructions.
[edit] How can I check what versions of EAS protocol are supported by my server?
- Take the logs following the steps described in the section How can I turn the logging ON or OFF?
- Grep (search) for "MS-ASProtocolVersions:" in the logs. It will contain the EAS protocol versions supported by your server.
[edit] How can I turn the logging ON or OFF?
Warning:
Before sending the logs to somebody (including Nokia) or publishing them, check that the log files do not contain any data which you treat as private or confidentional!
[edit] Turning the logging ON
- Install syslog and reboot the device
- open terminal
-
Execute the command:
sudo gainroot
-
Execute the command:
cat /dev/null > /var/log/syslog
Why? This will just clear your current syslog file. This step should be considered optional and not recommended.
-
Execute the following commands:
gconftool-2 -s --type=int /apps/activesync/AsDaemon/Syslog/MinLogLevel 0 gconftool-2 -s --type=int /apps/activesync/modest/Syslog/MinLogLevel 0 gconftool-2 -s --type=int /apps/activesync/AsProvider/Syslog/MinLogLevel 0 gconftool-2 -s --type=int /apps/activesync/AsBackup/Syslog/MinLogLevel 0 gconftool-2 -s --type=int /apps/activesync/asapplet/Syslog/MinLogLevel 0 gconftool-2 -s --type=int /apps/activesync/AsStatusApplet/Syslog/MinLogLevel 0
- Reboot the device
- Initiate the synchronization session
/var/log/syslog
will contain the logs. In order to filter only activesync-specific logs the following command can be used:
grep activesync /var/log/syslog
In order to copy the activesync log to your computer follow the steps below:
- Make sure your N900 is not connected to any other device (including your desktop computer) through USB
- Open xterm (if it is not opened yet)
- Issue the command:
sudo gainroot
(if it was not issued yet) - Issue the command:
grep activesync /var/log/syslog > /home/user/MyDocs/activesync.log
- Close xterm
- Connect your N900 to the computer through USB
- Wait while flash drive(s) will appear in your computer
- Find activesync.log in one of the disk drives
- Copy it to your computer
- Remove the file from N900
- (Safely) disconnect N900 from the computer
[edit] Turning the logging OFF
In order to turn the logs OFF, execute the following commands from xterm:
gconftool-2 -u /apps/activesync/AsDaemon/Syslog/MinLogLevel gconftool-2 -u /apps/activesync/modest/Syslog/MinLogLevel gconftool-2 -u /apps/activesync/AsProvider/Syslog/MinLogLevel gconftool-2 -u /apps/activesync/AsBackup/Syslog/MinLogLevel gconftool-2 -u /apps/activesync/asapplet/Syslog/MinLogLevel gconftool-2 -u /apps/activesync/AsStatusApplet/Syslog/MinLogLevel
After device reboot the logs will not be collected.
[edit] Extended logging
There is the extended logging option for getting logged all data which are transmitted and received by ActiveSync protocol. This option requires as-daemon logging to be turned on as described above. Then, as-daemon process needs to receive USR2 signal. This also can be done from a device console:
$ ps ax | grep as-daemon
This command will produce output like this:
1503 user 25756 S /usr/sbin/as-daemon -D --pidfile=/var/lock/as-daemon
where 1503 is the <pid> value needed for the next command. The next command is kill -USR2 <pid>, so for this case, it is:
$ kill -USR2 1503
After that, extended logging is turned on and ready to be used. This option does not survive over reboots. It can be turned off by sending the same kill -USR2 <pid> command again.
Warning:
Before sending the logs to somebody (including Nokia) or publishing them, check that the log files do not contain any data which you treat as private or confidentional!
[edit] Pre-setting EAS protocol to be used on sync/ disable auto-negotiation
In certain scenarios it might be useful to disable MfE's built in auto-negotiation function on what sync protocol (EAS 2.5, 12.0 or 12.1) to be used during syncs and use a pre-defined default one instead. Some users report error messages/ fails in sync when trying to establish a connection with e.g. a Scalix Groupware server. For the time being (until solved on either side) a workaround has been established by presetting the sync protocol to EAS 2.5 manually. Scalix Groupware Server with Scalix-AS-1.0.2-addon has been reported working with EAS 2.5 on basic sync (calendar, contacts and email). Before forcing MfE to use a specific protocol version make sure it is supported on the server-side.
To force MfE to use a particular protocol follow these steps:
- Start MfE configuration wizard entering the credentials on the first page and press "next". Do not enter the server address on page 2 yet!
-
Open xterm and execute:
sudo gainroot
-
Execute the following commands:
gconftool-2 -s --type=string /apps/activesync/ActiveSyncAccount1/use_version 2.5 gconftool-2 -s --type=string /apps/activesync/ActiveSyncAccount1Temp/use_version 2.5
- Now continue MfE setup wizard and enter server address. Click next and follow the procedure to finish the wizard.
To check whether your changes have succesfully been submitted make sure you have syslog installed and type in xterm:
sudo gainroot tail -f /var/log/syslog | grep "Created factory"
There won't be a output right away but when
- credentials are verified
- first sync started
- Wizard setup completed
you should be able to see *Created factory for version 2.5* on the terminal. Pressing Ctrl+C will bring you back to the shell.
To disable the preset/ return to auto-negotiation it is recommended to delete the MfE-account and create a new one with the wizard from scratch.
Of course the above described way will also let you set EAS 12.0 or 12.1 as default protocols. Simply change the values of use_version
in the respective gconftool commands.
[edit] Debugging possible certificate errors on self-signed certificates
You might experience an error message like "Either exchange server requires a secure connection or your account is disabled". This mostly occurs when syncing on secure connections by using a self-signed certificate and/or missing certificate authority (CA) tag in the respective field.
A quick way to check whether your certificate info gets rosolved properly by the maemo OS is a cli-tool called "cmcli".
Note: This is a system-wide certificate check - not a MfE-specific issue!
Please open terminal and type:
cmcli -T common-ca -v <your-server-dns-name-or-ip-address>:<port-number>
to check with one of the 118 pre-installed certificate authorities or:
cmcli -t ssl-ca -v <your-server-dns-name-or-ip-address>:<port-number>
when the chain of trust ends with a user-installed certificate. To be on the safe side, you can actually use both at the same time:
cmcli -T common-ca -t ssl-ca -v <your-server-dns-name-or-ip-address>:<port-number>
The missing tags have to be replaced with your personal server-address and respective port number (mostly 443 on SSL connections).
For instance: cmcli -T common-ca -v localhost:443
The output should read something like this:
0115e5345e4dd64855ed1e3d44060be25f26c2e6 nixu-jum trust chain(1): b5567d6c9eef05f07966d98eb2a85716bff4e80d Maemosec test CA Verified OK
or
0115e5345e4dd64855ed1e3d44060be25f26c2e6 nixu-jum Verification failed: self signed certificate
depending whether the verification succeeds or not.
If the verification fails and you want to see why, you can save the certificates the server sends by giving also the -s switch at the command line. Like this:
cmcli -T common-ca -sv <your-servers-dns-name-or-ip-address>:<port-number>
This will make the command to write the server certificates and possibly sent intermediate CA certificates into file(s) with the .pem-extension, where the name of each file is the SHA1 hash of the public key in hexadecimal. You can then study these file for instance with the command
openssl x509 -text -in <certificate-file>
[edit] Miscellaneous
[edit] How can I use my corporate address book (GAL) ?
At first, check that you use PR1.1 or later release of the software. If you use the release prior to PR1.1.1 check also the known problem of pre-PR1.1.1. Exchange 2003 implementation.
It is possible to search for a contact in your corporate address book using "Contacts" application.
Follow these steps to add the contact from your corporate address book to the N900 address book:
- Open "Contacts" application
- Select "Get Contacts" option from the menu
- Choose "Import Mail Exch. contacts" option
- Type parts of the first or last name
- Press "Search"
- Select contact from the results. (If the results are not sufficient press outside the window to return in step 1)
- Press "Import"
[edit] How can I disable the synchronization of specific folders ?
Nokia does not provide the software for selecting the server folders which are synced to device. However, community does. Use mfefolders application to disable/enable synchronization of specific folders and assign them the names you wish to see in N900 mail client!
[edit] How do I synchronize mail for exchange from the command line ?
Open xterminal and type the following dbus command (note, I am not sure of the difference between fullSync
and sync
. I thought sync was safer so that is what I used and it seemed to work.):
dbus-send --print-reply --type=method_call --session --dest=com.nokia.asdbus /com/nokia/asdbus com.nokia.asdbus.<option>
<option> can be:
-
fullSync
, -
sync
, -
syncEmail
or -
stopSync
- This page was last modified on 26 February 2013, at 14:32.
- This page has been accessed 185,201 times.