Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 1 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Contents Introduction . 3 General Overview 5 OMA, a .NET Application 8 ASP.NET Security Architecture 13 OMA Dependencies 19 OMA Capabilities 22 User preferences 36 OMA, behind the GUI . 42 Supported Devices . 48 Using http(s)://fqdn/oma . 49 Counters 52 Known Issues 56 Troubleshooting 62 Troubleshooting Diagram 86 Tools 88 Lab: Restoring OMA Functionality . 92 2 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.  2003 Microsoft Corporation. All rights reserved. Microsoft, MS-DOS, Windows, Windows NT, ActiveSync®, ActiveX®, Microsoft® Exchange 2000, Microsoft® Exchange Server 2003, Microsoft® Exchange 5.5, Microsoft® Internet Explorer, Microsoft® Internet Information Services, Microsoft® Mobile Information Server 2002, Microsoft® .NET, Microsoft® Notepad, Microsoft® Outlook® Mobile Access, Microsoft® Outlook® Web Access, Microsoft® SQL Server™, Microsoft® Windows®, Microsoft® Windows® 2000, Microsoft® Windows® 2003 are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 3 Introduction Microsoft® Exchange Server 2003 provides a mobile browse solution that is ready worldwide; including the Asian-Pacific region. Exchange 2003 browse generates HTML, xHTML, and cHTML markup. This has been tested and is supported for a subset of HTML, xHTML, and cHTML devices on the approved device list. WML is generated but is not tested for all device/gateway configurations and as such is not supported, though most devices will work as expected. Mobile Access is installed by default but disabled in the Mobile Services Global Setting while all users are enabled for mobile access. The user experience is very similar to Microsoft® Outlook® Web Access (OWA). Access to Microsoft® Outlook® Mobile Access (OMA) is via a URL; http://server-name/oma . Unlike OWA, you can not specify the user account in the URL as OMA adds a unique identifier to the URL as part of session state management. I I S S A A / / F F i i r r e e w w a a l l AD Domain F F E E Internet / Wireless Cloud B B E E FE/BE is not required; Exchange 2003 is required. 4 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Demonstration using Openwave Emulator Start the Openwave emulator. Enter http://mbx-fe.concsi.lab/oma . Login using concsi\administrator and P@ssword. Click “ OK” to continue when notified that the device is unsupported. Click “About” to show students the valuable information displayed in the about box. Microsoft®.NET Framework build. Server build Server name User name Etc Click back and then click “Preferences . Step through each of the preferences to show the student user preferences. Remind the student that size of a real device display may vary from the emulator, but the emulator is a good tool to get a feel for what the mobile user is experiencing. Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 5 General Overview OMA supports the following messaging and collaboration features.  E-mail: Read, Reply, Forward, Delete, Flag, Compose. Navigate multiple folders. Lookup sender or other recipients  Calendar: Accept, Decline, Tentative meeting requests. Navigate via date picker control. Compose/Edit appointments w/attendees support  Contacts: View, Create, Edit personal contacts. Search personal and GAL contacts. Save global address list (GAL) contacts to personal contacts. E- mail and Call contacts  Tasks: View, Create, Edit tasks In a mixed Exchange environment, you must use Exchange 2003 for both the front-end and back-end servers to gain access to mailboxes through OMA. Mailboxes on Microsoft® Exchange 5.5 or Microsoft® Exchange 2000 require Microsoft® Mobile Information Server (MIS) 2002. Features Limitations 6 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Integrating Exchange 2003 with MIS 2002 MIS can be installed in an ‘ActiveSync-only’ configuration. When installed in this manner, MIS does not require an Active Directory schema change or any complicated auxiliary forest topologies. The recommended path for customers that want mobility on Exchange 2000 and want to ensure they’ll have a good migration path to Exchange 2003 is to install MIS in the ‘ActiveSync only’ configuration for Exchange 2000. Then the same devices, PPC Phone and Smartphone, will work with Exchange 2003 when they migrate. Then they do not have to be concerned with a complex Active Directory schema change and auxiliary forest scenarios pertinent to MIS. Of course, this means they won’t get the browse and push features of MIS. But past experience shows ActiveSync is usually the feature driving MIS deployments. In summary:  MIS has not been tested against Exchange 2003 mailboxes. Using MIS mobile browse or MIS ActiveSync® against Exchange 2003 mailboxes is not a supported scenario.  Coexistence: MIS (browse, push and sync) used against Exchange 2000 mailboxes can co-exist in the same environment as Exchange 2003 OMA and EAS (Exchange ActiveSync) used against Exchange 2003 mailboxes. Exchange 2003 does not reuse the Active Directory attributes used by MIS, and so they don’t conflict. For exact details about what Active Directory attributes are used by Exchange 2003 Mobility, see the documentation that will be available by launch. If you need information faster, SandraMa (EAS), AlexI (OMA) and PLimont (AUTD) are the PM contacts.  If a customer desires to use MIS for some users and Exchange 2003 mobility for others, then using separate name spaces for each is best. MIS/E2k users URL = mis.corp.com Ti users URL = oma.corp.com Exchange 2003 Mobile Browse is the only Exchange component that uses the .NET Framework. The specifics of the other components, sync and Up To Date, which complete the Exchange 2003 Mobile experience, will be covered in detail in the specific component modules. Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 7 8 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) OMA, a .NET Application It is impossible to understand the foundation of OMA without a cursory understanding of the .NET Framework. OMA gives you the ability to view your mailbox with a mobile browser. This section provides a basic explanation of the .NET Framework and ASP.NET as they apply to Exchange 2003 OMA and Mobility as a whole. The .NET Framework is a new development platform that simplifies application development in the highly distributed environment of the Internet. The .NET Framework is designed to fulfill the following objectives:  Provide a consistent object-oriented programming environment whether object code is stored and executed locally, executed locally but Internet- distributed, or executed remotely.  Provide a code-execution environment that minimizes software deployment and versioning conflicts.  Provide a code-execution environment that guarantees safe execution of code, including code created by an unknown or semi-trusted third party.  Provide a code-execution environment that eliminates the performance problems of scripted or interpreted environments.  Make the developer experience consistent across widely varying types of applications, such as Microsoft® Windows®-based applications and Web- based applications.  Build all communication on industry standards to ensure that code based on the .NET Framework can integrate with any other code. The .NET Framework has two main components: the common language runtime and the .NET Framework class library. .NET Framework Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 9 The common language runtime is the foundation of the .NET Framework. You can think of the runtime as an agent that manages code at execution time, providing core services such as memory management, thread management while enforcing strict type safety and other forms of code accuracy that ensure security and robustness. In fact, the concept of code management is a fundamental principle of the runtime. Code that targets the runtime is known as managed code, while code that does not target the runtime is known as unmanaged code. The class library, the other main component of the .NET Framework, is a comprehensive, object-oriented collection of reusable types that are used to develop applications ranging from traditional command-line or graphical user interface (GUI) applications to applications based on the latest innovations provided by ASP.NET; Web Forms and Extensible Markup Language (XML) Web services. Microsoft® Internet Explorer is an example of an unmanaged application that hosts the runtime; in the form of a MIME type extension. Using Internet Explorer to host the runtime enables you to embed managed components or Windows Forms controls in HTML documents. Hosting the runtime in this way makes managed mobile code, similar to ActiveX® controls possible, but with significant improvements that only managed code can offer, such as semi- trusted execution and secure isolated file storage. The CLR manages memory, thread execution, code execution, code safety verification, compilation, and other system services. These features are intrinsic to all managed code. With regards to security, managed components are awarded varying degrees of trust, depending on a number of factors that include their origin; the Internet, enterprise network, or local computer. Thus, a managed component might or might not be able to perform file-access operations, registry-access operations, or other sensitive functions, even if it is being used in the same active application. The runtime enforces code access security. Users can trust that an executable embedded in a Web page can play an animation on screen or sing a song, but cannot access their personal data, file system, or network. The security features of the runtime enable legitimate Internet-deployed software to have exceptionally rich features. In addition, the managed environment runtime eliminates many common software issues. The runtime automatically handles object layout and manages references to objects, releasing them when they are no longer being used. This automatic memory management, garbage collection, resolves the two most common application errors; memory leaks (pointer released before memory free) and invalid memory references (pointer). The runtime is designed to enhance performance. Although the common language runtime provides many standard runtime services, managed code is never interpreted. A feature called just-in-time (JIT) compiling enables all managed code to run in the native machine language of the system on which it is executing. Meanwhile, the memory manager removes the possibilities of fragmented memory and increases memory locality-of-reference to further increase performance. The runtime compiles the code the first time the code is called and reuses the complied version thereafter. Common Language Runtime (CLR) 10 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) The .NET Framework class library is a collection of reusable object oriented types that tightly integrate with the common language runtime. Developers use these base types to develop their own types; inheritance. This reduces the time associated with learning new features of the .NET Framework. In addition to these common tasks, the class library includes types that support a variety of specialized development scenarios. The .NET Framework can be used to develop console applications, scripted or hosted applications, Windows GUI applications (Windows Forms), XML Web services, Windows services, and last but most important to us, ASP.NET applications. .NET Framework Class Librar y [...]... session management; connection to same server is maintained for the entire connection Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Lookup contacts or users in directory by clicking on: E-mail sender Recipient Meeting organizer Attendee 23 24 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Configuration Sources Retrieving Data Retrieving data for a user through DAV... AuthPersistSingleRequest AccessFlags AccessExecute AccessSource AccessRead AccessWrite AccessScript : (STRING) "OMA.aspx" : (STRING) "C:\Program : : : : : : : : : : (STRING) "" (STRING) "**********" (INTEGER) 64 (BOOLEAN) True (INTEGER) 513 (BOOLEAN) False (BOOLEAN) False (BOOLEAN) True (BOOLEAN) False (BOOLEAN) True Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) AccessNoRemoteExecute AccessNoRemoteRead... authentication IIS creates a Windows access token for the authenticated user 3 IIS authorizes the caller to access the requested resource NTFS permissions defined by access control lists (ACLs) attached to the requested resource are used to authorize access 4 IIS passes the authenticated caller's Windows access token to ASP.NET Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) ASP.NET Authenticates... attributes are part of the Public-Information property set, which gives Authenticated Users (AU) read access The attributes in the OMA Configuration Container are inherited from the Org Node, and then read access for AU is added Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 27 Outlook Mobile Access Comments OMA root node under Exchange Active Directory settings Containing some OMA-global... URL required by the back-dnd server 26 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Directory Settings Forest Outlook Mobile Access OMA root node under Exchange Active Directory settings Containing some OMA-global attributes and containers for more OMA settings msExchOmaAdminWirelessEnable Admin control over what mobile services the user has access to Bit 0:OMA Push, Bit 1:OMA Browse,... Unfortunately, OMA, as well as ActiveSync and OWA, does not have read access for this attribute Since it is an administrator setting, the access rights are very restrictive However, the Microsoft Exchange Directory Service to Metabase Replication (DS2MB) process does have read access Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 25 1 ESM writes an SMTP Domain value to Active Directory... unmanaged ASP pages because they interact with the runtime unlike ASP pages which are interpreted 12 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) ASP.NET Framework 1.1 Mobile Controls The NET Framework also provides a collection of classes and tools to aid in development of Mobile Controls Mobile controls are used to develop applications for handheld devices and are device specific This... Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) OMA Capabilities OMA supports many of the features associated with Personal Information Managers Personal Information Manager (PIM) Specific Features Enumerate messages according time received Read, Delete, Forward, Reply, and Compose E-mail Enumerate attachments and Display attachment name Access parent folder Enumerate subfolders Access. .. is shown in Figure 1.2 16 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Figure 1.2 IIS and ASP.NET interoperability Remember, the authenticated user requires NTFS read permissions to all of the files involved in the scenario The only variable is regarding which gatekeeper is used to enforce access control The ASP.NET process account only requires read access to the ASP.NET registered... device the Microsoft has not tested In many cases there will be no interoperability problems between the mobile device and Exchange However, there is no support for such modifications and the end result may remove our ability to debug OMA Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 13 ASP.NET Security Architecture Overview of OMA Security Architecture User Exchange Server IIS process . Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) 1 Module 3: Troubleshooting Microsoft® Outlook® Mobile Access (OMA) Contents. Services, Microsoft® Mobile Information Server 2002, Microsoft® .NET, Microsoft® Notepad, Microsoft® Outlook® Mobile Access, Microsoft® Outlook® Web Access, Microsoft®