Mike Southby

If you are using your iPhone with Exchange 2007 you’ll notice that Exchange now forces a remote policy which requires you to have a passcode on your device (of course this also applies to other mobile devices and not just the iPhone).  I’m sure for some this is not an issue but for those users who do not need this security feature enabled and/or simply do not want to have to enter a passcode every time, there is of course a way to disable the feature.

Firstly, you’ll need to have administrative rights to the Exchange 2007 server, so if you do and you’re able to either access the box locally or remotely via RDP, read on.

Assuming you are now sat looking at the desktop on your server, do the following (I have based this guide on a standard installation of Small Business Server 2008, but of course still applies to a stand-alone build of Exchange 2007, just follow the same steps):

• Click through Start>All Programs>Microsoft Exchange Server 2007>Exchange Management Console
• You’ll be greeted with a Windows needs your permission to continue dialogue box, select Continue
• Once in the console, expand Organization Configuration and highlight Client Access
• There should only be one policy active, which is the Windows SBS Mobile Mailbox Policy <servername>, right click this and select Properties
• Click on the Password tab
• Next uncheck the Require password checkbox and hit Apply then OK
• You can now close all of the open windows

You should now find that the forced passcode is no longer required.

If you found this guide useful, please leave a comment below.  Remember you can also subscribe to any future posts via email by clicking here.

There have been a lot of reports recently by numerous people around the internet, that there seems to be ongoing problems with people syncing their iPhone to iTunes in a Windows 7 environment.  The official Apple forums [Link] have got a number of threads related to the issue so it does appear that this is definitely a problem and this is not just a bunch of die hard Apple fans trying to add a negative taste to what has been otherwise, a successful launch for Microsoft’s latest operating system.

Now, looking at the problems people are facing, there does seem to be some common similarities; most people who are reporting the problem are using a motherboard with an Intel P55 chipset and the problem seems to be affecting more people using Windows 7 x64.  Both of these are not conclusive though, as it is also affecting people using other chipsets and Windows 7 x86, although certainly, less so.

The official advice – as always – seems to be a workaround, suggesting that you should use a USB hub or PCI USB card for connecting your iPhone, and disabling Power Management for each of the USB root hubs on your machine, but none of these seem to work universally for everyone which to me would suggest that neither Apple or Microsoft still really understand what the problem is and that there isn’t an imminent fix.

Fortunately, I don’t have an iPhone so am not affected by this, how about you?  Have you had problems with iPhone/iTunes syncing with Windows 7?  If so, have you been able to fix it or come up with a workaround?  Share your thoughts!

You all remember the Windows vs. Mac ads don’t you?  I guess in fairness Apple always knew they were on to a winner with those.  The humble pc and Windows may well be the winner in the corporate IT world but that’s not who the adverts were targeting, no they were targeting the average home user who wants an all in one solution that just works, and I have to admit the Mac does, and it does it very well.

So when it comes to marketing brilliance, it seems Apple are all over Microsoft.  But could it be that they have new competition?

Being an Android user and fan, I just had to smile when I came across this earlier today, further details can be found here.

iPhone

Here’s a brief walk through for configuring your iPhone (or iPod Touch) to work with true push-services on a Microsoft Exchange 2007 server.  Thanks to my good friend Steve for lending me his iPhone to have a play with and write this article.

Caveat: This method worked fine for me, but as always you follow this guide at your own risk.  I will not be held responsible for any problems along the way.  Please *do* backup both the Exchange server and your iPhone before making any changes.

What you’ll need:

• IIS (I have used v6, but the basics are essentially the  same for previous versions)
• Exchange 2007 with installed Service Pack 1
• iPhone running 2.1 or greater software

Step 1: Installing RPC over HTTPS

1. On the Windows server that is running Exchange, go to the control panel and then Add or Remove Programs.
2. Click the Add or Remove Windows Components tab, click Networking Services and then click Details.
3. Click to select the RPC over HTTP Proxy check box and then OK followed by Next.  You’ll need to have your Windows server installation disc ready at this point, or the i386 folder if you have made a local copy as some additional files will be needed to install this component.
4. When the Windows Component Wizard has completed installing, click Finish.

Step 2: Configuring RPC with IIS

1. Click Start, go to Administrative Tools, and then click Internet Information Services (IIS) Manager.
2. Expand $servername, expand Web Sites, expand Default Web Site, right click Rpc and then click Properties. (You’ll also notice that Windows Server 2003 Service Pack 1 added a new virtual directory called RpcWithCert.  This virtual directory points to the same location as the Rpc virtual directory.  You do *not* have to modify this)
3. Click the Directory Security tab, and then click Edit under Authentication and Access Control.
4. Click to clear the Enable Anonymous Access check box, we do not want this.
5. Click to select the Basic Authentication (Password is sent in clear text) check box.
6. Now, you should receive the following message: The authentication option you have selected results in passwords being transmitted over the network without data encryption.  Someone attempting to compromise your system security could use a protocol analyser to examine user passwords during authentication process.  For more detail on user authentication, consult the online help.  This warning does not apply to HTTPS(or SSL) connections.  Are you sure you want to continue?
7. Click Yes.
8. If you have not done so already, now would be a good time to enter your domain name into the Default Domain box (you can browse to the domain name by pressing Enter).
9. Click OK.
10. Finally, click Apply and then OK to finish.

Step 3: Configure RPC SSL in IIS

The RPC virtual directory has now been configured to use basic authentication in the above steps.  We are now going to configure SSL.  To configure SSL on the RPC virtual directory you have to obtain and publish a certificate or use the self sign method.  I have used the self sign method in this walk through.  If you only want to access your exchange server without SSL (i.e. using port 80) you can skip the next 3 steps.  This however is *not* recommended.

1. In Internet Information Services (IIS) Manager expand Web Sites.  Expand Default Web Site.  Right click Rpc and then right click.  Click Properties.
2. Click the Directory Security tab and then Edit under Secure Communications.
3. Click the Require Secure Channel (SSL) check box and also the Require 128-bit Encryption check box.
4. Click OK, click Apply and then click OK.

Step 4: Self Sign an SSL certificate for IIS

Next we need to provide a self signed certificate (or a commercially available signed one, iPhone works with both) .  You’ll need a free tool provided by Microsoft SelfSSL which comes with IS 6.0 Resource Kit Tools.  You can download it from http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&displaylang=en.  Once you have downloaded and installed this, make sure you click Complete Installation.

1. Click Start > All Programs > IIS Resources > SelfSSL > SelfSSL to run the SelfSSL utility.  When you do this, you should have a command prompt window appear with help instructions.
2. Type selfssl.exe and press Enter.  The utility will use the default settings to install the SSL certificate which are:
   /N:CN=<YOUR COMPUTER NAME> (common name of the certificate)
   /K:1024 (key length of certificate)
   /V:7 (validity of the certificate in days)
   /S:1 (ID of the site to which the certificate needs to be installed i.e. Default Web Site)
   /P:443 (SSL port)
3. Press Enter, then type y and press Enter again to confirm the installation.

Step 5: Port Parameters in the Registry

You can manually edit the registry but it is easier and safer to use a utility to do this.  I’d recommend a tool called RPCNoFrontEnd which does all of the changes in only a few mouse clicks, available from http://www.mikesouthby.co.uk/wp-content/uploads/2009/10/rpcnofrontend.zip.

1. Run the tool, all you need to do is input the servers name and click Set registry entries now.

Step 6: Configure Exchange 2007 SP1 to use RPC over HTTPS

1. Click Start, click through Microsoft Exchange and click System Manager.
2. Expand Your Organisation; expand Administrative Groups > First Administrative Group > Servers.
3. Right click on your server name and select Properties.
4. On the General tab, verify that you have SP1 installed.  Also, verify that a tab called RPC-HTTP is also present.
5. On the RPC-HTTP tab, click on RPC-HTTP Back-End Server.  At this point you may get an error, if you do just acknowledge it.
6. Keep clicking OK to exit.

Now, everything is set up as far as the server is concerned.  It’d be a good idea to reboot at this stage.

Step 7: Firewall ports for RPC over HTTPS

On your router, you’ll need to open the following ports:
No-SSL setup: TCP port 80
SSL setup: TCP port 443
if you are also running NAT on your router, you also need to port forward these ports to your server running Exchange/IIS.

Step 8: Configuration of the Exchange Account on iPhone

1. Tap Settings, then Mail, Contacts, Calendars, and then Add Account.  Finally click Microsoft Exchange.
2. Enter your complete email address, domain, username, password and a description for this new account (obviously, this can be anything you like).
3. Your iPhone will now try to locate your Exchange server using Microsoft’s Autodiscovery service.  If the server cannot be located, enter your Exchange server’s complete address in the Server field.  Your iPhone will try and create a secure (SSL) connection to your Exchange server.  If you did not setup SSL, it will try a non-SSL connection.  After successfully making a connection to the Exchange server, you may be prompted to change your device pass code to match any policies that may be enforced on the Exchange server, if so you can choose to do this or change the policy!
4. Choose which type(s) of data you would like to synchronise: Mail, Contacts and Calendars.  By default, only 3 days worth of email will be synchronised, to change this go to Settings, then Mail, Contacts, Calendar and select your Exchange account.  Here, choose how many days worth of email you’d like on your iPhone.

Important note: Once you have configured an Exchange ActiveSync account on your iPhone, all existing contact and calendar information on your iPhone will be overwritten.  Only one Exchange account is permitted.  iTunes will no longer sync contacts or calendar entries to your desktop computer however you can still sync your iPhone wirelessly with MobilMe services.

Please do leave a comment if you find this useful.

My G1 is not a phone.

That may sound like a strange start for a phone review but bear with me; the G1 is a small computer that happens to have reasonably good phone functions.

Almost every review of the G1 which you find on the internet compares it to the iPhone.  The main difference highlighted between the two is that the iPhone has a more consistent experience (Apple have always been very good at this given the hardware and software are designed to run together in-house) compared to the G1 which whilst very good, at times feels a little ‘beta’ in comparison.  Whilst this is a fair point, sometimes the beta tag has its advantages, like giving you cutting edge technology and features even if not quite ready for mass market yet.

Using the G1 is a satisfying experience hardware wise.  Despite the criticism of its aesthetics, it fits nicely in your hands (well it does mine anyhow, if you have particularly small hands you may find it a little large but this is true of many new phones) and feels solidly built.  Sure, the hinge will always be a weak point, but any modern phone can be damaged easily.  And, while Apple is all about minimalism, HTC is all about function; so, you get a touch screen, buttons, a full keyboard and a trackball.

The trackball is particularly useful.  Despite having a full touch screen, I find myself using the trackball far more often when browsing or selecting menu options, as it is just faster and more precise.  The keyboard is also quite nice, though I must admit that it’s not as much of an advantage over the iPhone as you may be lead to believe.  Any phone text-entry format is less than ideal and requires getting used to – a physical QWERTY keyboard will be slightly nicer and have a less steep learning curve, but I don’t think for example it is much quicker than even T9 if you are used to that.  For one, the keyboard is quite small to type with.  The main advantage of the keyboard ties in with my opening point – this is actually a small computer in disguise.  For regular text entry the keyboard isn’t that special, but for entering symbols and numbers it’s much better than any phone I have used previously save for my Nokia E90 which was fab.

The G1 is all about Android.

Already there are many Android apps out there, and I have no doubt that we’ll see more and more as time goes on.  There’s the official market (much like Apples App Store) and several other stores popping up offering useful apps brought about by the fact that anyone who wants to can just make an .apk file and distribute it as they see fit.  That’s the beauty of Android.  For a developer, Android is an appealing platform – it’s open yet able to be used for profit, centralised yet resistant to rules and censorship.  For the G1 specifically, the main limitation is that you can only install apps to the internal memory.  This forces you to pick and chose what apps you actually want, and to go with apps that are smaller as well.  This may seem annoying, but it’s not that bad – if apps are that big chances are they are pretty badly written anyhow (remember apps can still store their data on the memory card).  The internal memory still allows you to install maybe up to 50 apps so it’s not all bad.

Living with the G1 as a phone is a pleasant experience, the core functions work very well; the phone itself, working with contacts, messaging and calendar are all very well catered for and work better than I was expecting.  The quality of calls, both for me and the person on the other end are on par with the best Nokia have to offer.  The screen too is a vast improvement over previous HTC devices (I have owned a few previous Windows Mobile incarnations).  If I was to pinpoint one area where HTC could improve, and this is a big one, it would be battery life.  Using the phone for a variety of tasks throughout the day, the battery will need charging every night, nowhere near the time claimed between charges, but then I have never owned a phone that lives up to its promises in this regard.  Is this a problem though?  Well yes and no really, for me it’s not a huge problem as I have a charger at home and in the office with a charger available in the car should I be running out of power.  I just find it annoying that in this day and age manufacturers will not (as opposed to cannot) put more effort into battery life.

So, should you go get a G1?  It depends – if you’re a gadget lover (and live in a area with decent T-Mobile coverage), then yes, it’s good hardware, a great platform, and a lot of promise for future development.  If you just want a normal phone though, you might be better off looking elsewhere.