Hello Everyone!
I wanted to pass on some things I have discoverd while trying to get PalmOS Treo devices to connect to a new Exchange 2007 Sp1 server.
First and foremost, in order to get Versamail to sync with Exchange over SSL, you need a self-signed certificate that will be accepted by the Treo. I found the following command worked to create such a certificate. Remember to type this in an Exchange PowerShell window. Note that the first -domainname is a switch, not "your domain name". The rest are actually your domain name.
new-Exchangecertificate -domainname YourFQDN,YourNetBios,autodiscover.YourDomain,YourDomainController.YourDomain,YourHubRole.YourDomain,YourDomain -FriendlyName "Microsoft Exchange" -KeySize 1024 -services "IMAP,POP,IIS,UM,SMTP"
the key here (pun intended) is that the KeySize has to be 1024. The default cert is 2048 which the Treo's won't accept. Once you have this cert set as your default web site ssl cert, go to IE and export the cert to a file. Run the Palm cert converter utility to convert it and copy it to your Treo.
Ok - now that you can browse to
https://yoursite.com with no cert errors in Blazer (a requirement for SSL) you need to be able to connect with ExchangeActiveSync to your server. Unfortunately, Microsoft creates a default Exchange ActiveSync policy with Exchange 2007 SP1 and you can't remove it with the GUI. Here is the command I found after much trouble, to remove the default Exchange ActiveSync profile:
remove-activesyncmailboxpolicy –Identity “default”
Now make sure you do NOT create an ExchangeActiveSync profile for any users with a Treo.
That is it! You should now be able to sync your Treo using Exchange ActiveSync using a self-signed certificate (optional but recommended) with Exchange 2007!
Steve