Trying to work out why BlackBerries are so popular (I still don’t get it)

This content is 17 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Whilst the United States is going iPhone crazy, over on this side of the pond we can’t get one yet… so life goes on.

BlackBerry 7100v

A couple of weeks back, I was given a BlackBerry to use at work (until I can get my hands on a Windows-powered phone – one of my colleagues had a greater need than I for the Palm Treo 750v we snagged but there are some new models coming soon on Vodafone that I can’t talk about but which look pretty cool).

So, if I want a Windows Mobile device (for work) why am I even looking at the BlackBerry? Firstly, I was given it to try (my Nokia 6021 is a bit beaten up these days) and secondly, I’m intrigued as to why these things are held in almost universal acclaim by senior executives, causing chaos in IT departments up and down the country who don’t want to support a (proprietary) messaging platform in addition to their corporate e-mail on Microsoft Exchange or Lotus Domino (and even leading to the nicknaming of London’s Jubilee line between the West End and Canary Wharf as the Blackberry line).

I’ve re-written this post a few times over the last couple of weeks because as I’ve used it, I’ve warmed to the BlackBerry:

  • At first I hated the interface (what is it about mobile phones that, almost without exception, they have such appalling user interfaces?) but that was improved by a software upgrade.
  • I didn’t like that I had to buy a USB 2.0 A to mini 5pin cable to charge the device – and battery life is poor – I get about a day’s worth of (light) use for voice only (I know that smartphones are battery-hungry but I don’t have a data plan to use it properly… all I do is make and receive calls). As it happens, the fact that I can use a standard cable to charge the device via USB is pretty useful.
  • I’ve discovered features like the auto on/off capabilities which could have a real use for me (I have a personal phone which friends and family can use to contact me 24×7 – and even though one of my friends recently described me as having workaholic tendencies the work phone is not normally answered in the evening or at weekends).
  • Once you get used to the scroll-click wheel and the button next to it, the user interface becomes a lot easier to navigate – and the 240×260 screen is excellent for viewing photos, although there is no card slot for additional memory (and getting pictures onto the device without a data plan is cumbersome). It looks quite good and feels comfortable in my hand (size and weight). Unfortunately though, I found the keyboard difficult to use – a pretty major failing on a device like this (I think the problem is that it has a qwerty layout but it feels like a mobile phone, so my fingers and thumbs want it to be arranged alphabetically).

I’m not trying to write a product review (for that, refer to Lord Percy or The Register and anyway this particular device is a bit old now so I’m not sure how useful any review that I wrote would be)… this is more of a “this is what I found when I tried to use it” post – I’m hoping that my experience may be useful for others too:

  • After inserting my SIM card, all of my calls went to voicemail – it seems that before you can use the device as a phone you have to turn the wireless on. Not realising that this model doesn’t have WiFi capabilities I thought that “wireless” was referring to IEEE802.11b/g but no – the wireless in question is the GSM radio that is required in order to connect to a mobile carrier.
  • Not having any manuals, etc., I had to find out what the device was first so that I could Google for some help. IMEI number analysis didn’t help (probably because this was originally an evaluation unit), but I eventually discovered that there is an option/setting labelled about, which tells me I have a Blackberry 7100 Wireless Handheld and a bit more searching confirms that it’s the Blackberry 7100v.
  • I noticed that I still had the previous user’s contacts loaded, so I wanted to wipe the phone – there doesn’t appear to be a delete all option for contacts, so the resolution I used (found on BlackBerry Forums) was:
    • Install Blackberry Desktop Manager (4.2), followed by the BlackBerry Handheld Software v4.1.0.314 for Vodafone (UK) – both of these were downloaded from RIM after searching Google. Following the software update, the device had a totally different (much improved) look and feel. The installation also worked on Windows Vista, despite not being listed as compatible (I ran the installer as an Administrator)
    • Open the BlackBerry Desktop Manager application and create a connection to the device (Connection Settings… from the Options menu).
    • To delete the old data from within Desktop Manager, select Backup and Restore and click the Advanced… button. Select the appropriate device databases (multiples can be selected by Control or Shift clicking) then click Clear.
  • I don’t have a connection to a BlackBerry e-mail service – effectively I’m using the device as a PDA and a phone, but it ought to be possible to set up the BlackBerry as a GPRS modem (not by Bluetooth, but using a USB connection). Unfortunately that’s not working (it should – using the same SIM in my Nokia 6021 allows me to browse the web using GPRS) but I’m unlikely to get anywhere with Vodafone unless I sign up for a BlackBerry service. My BlackBerry alternates between GSM and gprs (depending on signal strength/cell coverage) but never shows GPRS because:
    • GSM – GPRS is not enabled (contact your mobile carrier to sign up to a GPRS plan).
    • gprs (in lower case) – GPRS is enabled, but has not been set up for use with a BlackBerry device.
    • GPRS (in upper case) – both GPRS and BlackBerry are enabled (the service should be enabled for BlackBerry Enterprise Server if Exchange Server connectivity is required, rather than BlackBerry Internet Server).

Even though I’ve warmed to the BlackBerry (and newer models like the Curve and the Pearl are attractive), I’m still not a convert. Exchange Server 2003 SP2 offers push e-mail too (as does Exchange Server 2007), without requiring another layer of complexity in the organisational IT infrastructure. The dependency on a data plan for even basic things like transferring pictures to/from the device is also a hassle. The jury’s still out on my choice of handset for a personal phone (an iPhone would be nice… but do I really need something that expensive… or on a carrier other than Vodafone? It would be nice to have a decent camera in the device I choose… like the one in the Nokia N95… but last time I had a Symbian smartphone I didn’t get on with the interface. Then again, there are devices like the HTC Touch… arghhh, brain overload… too much choice) – in any case, if I have any influence over the selection of my next handset for business it will be running Windows Mobile 6.

Who needs an iPhone?

I just read about the HTC Touch and, whilst I haven’t seen one in the flesh, my existing phone is out of contract in a month or so and I do have to say I’m seriously tempted.

This is what the BBC had to say about the device:

As far as I can see, for UK users, the HTC Touch has at least two advantages over an iPhone:

  1. It’s available here, now.
  2. It’s about 40% less expensive than the iPhone is predicted to be, without a contract (and just over £50 with a £30 monthly contract on Vodafone).

Of course, it also runs Windows Mobile and lacks the Apple wow factor but I can live without an iPhone. For those who just don’t fancy the idea of running Windows on their phone – there is the Symbian-based Nokia N95, which includes a 5MP camera on its spec-sheet.

Modifying wp-mobile to create content that validates as XHTML-MP

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Yesterday, I wrote a post about using Alex King’s WordPress Mobile Edition plugin (wp-mobile) to generate WordPress content formatted for the mobile web. wp-mobile makes the code generation seamless; however I did have a few issues when I came to validating the output at the ready.mobi site. After a few hours (remember, I’m an infrastructure bod and my coding abilities are best described as weak) I managed to tweak the wp-mobile theme to produce code that validates perfectly.

Screen grab from the ready.mobi report for this website

The changes that I made to the wp-mobile index.php file can be seen at Paul Dixon’s PHP pastebin but are also detailed below:

  1. Add an XHTML Mobile Profile (XHTML-MP) document type declaration: <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">. Incidentally, I didn’t include an XML declaration (which looks like: <?xml version="1.0" encoding="UTF-8" ?>) as it kept on generating unexpected T_STRING PHP errors and it seems that it is not strictly necessary if the UTF-8 character set is in use:

    “An XML declaration is not required in all XML documents; however XHTML document authors are strongly encouraged to use XML declarations in all their documents. Such a declaration is required when the character encoding of the document is other than the default UTF-8 or UTF-16 and no encoding was determined by a higher-level protocol.”

    W3C recommendation for XHTML 1.0

  2. Add some caching controls: <?php header ("Cache-Control: max-age=10 "); ?>. 10 seconds is a little on the low side but it can be changed later and it means that the caching is unlikely to affect testing of subsequent changes.
  3. Remove <meta name="HandheldFriendly" value="true" />: this code doesn’t appear to do anything and is not valid XHTML-MP – media="handheld" can be used instead when linking the stylesheet (see below).
  4. Change the stylesheet link method: although <style type="text/css">@import url("<?php print(get_stylesheet_uri()); ?>"); </style> should work, I found that the validator was only completely satisfied with the form <link href="<?php print(get_stylesheet_uri()); ?>" rel="stylesheet" type="text/css" media="handheld" />.
  5. Provide access keys using accesskey="key" inside the <a> tag for each of the main menu items.
  6. Surround <?php ak_recent_posts(10); ?> with <ul> and </ul> tags – this bug took the most time to track down and was the final change necessary to make the markup validate as XHTML-MP.

I also made some minor changes in order to fit my own page design (adding a legal notice, etc.) but in order to get the elusive 100% in the report for this site, there was one minor tweak required to style.css: removal of the height: 1px; rule for <hr>. I understand why it was there but the validator didn’t like it, suggesting that relative units should be used instead (I would argue that 1px is far more logical for a horizontal rule than the use of relative units but this change resulted in another pass on the report).

Right, enough of these mobile diversions – I’d better focus my development efforts on getting the rest of this site to be fully XHTML compliant…

Publishing WordPress content on the mobile web

A few nights back, I was reading a .net magazine article about developing websites enabled for mobile content.

As my blog is written primarily for technical people, it seems logical to assume that a reasonable proportion of its readers could make use of access from a mobile device, especially as the magazine article’s author, Brian Fling, believes that:

“[the mobile web] will revolutionize the way we gather and interact with information in the next three years”

Web 2.0 Expo: From Desktop to Device: Designing the Ubiquitous Mobile Experience

Basically, the catalyst for this comes down to a combination of increasing network speeds and mobile services, combined with a falling cost in the provision of data services.

It seems that there are basically two schools of thought when it comes to designing mobile content for the web: some (most notably the W3C) believe that content should be device agnostic; whilst that approach is perfectly laudable (a mobile browser is, after all, just another form of browser) others believe that the whole point of the mobile web is that device-specific functionality can be used to provide services that wouldn’t otherwise be available (e.g. location-based services).

Brian’s .net magazine article explains that there are four major methods of mobile web publishing:

  1. Small screen rendering
  2. Programmatically reformatting content
  3. Handheld style-sheets
  4. Mobile-specific site.

As we work down the list, each of these methods is (potentially) more complex, but is also faster. Luckily, for WordPress users like myself, Alex King has written a WordPress Mobile Edition plugin, which applies a different stylesheet for mobile browsers, publishing a mobile friendly site. Using the Opera Mini live demo to simulate a mobile browser, this is what it did for my site:

This website, viewed in a simulated mobile phone browser

The mobile-optimised version of this website, viewed in a simulated mobile phone browser

The first image shows the content as it would be rendered using the default, small screen rendering – not bad but not exactly ideal on a small screen – but the second image is using the WordPress Mobile Edition plugin to display something more suitable for the mobile web. Not only is the display much simpler and easy to navigate on a handset, but the page size has dropped from 28KB to 1KB. Consequently, I was a bit alarmed when I used the ready.mobi site to generate a report for this site, as the site only scored 3 out of 5 and was labelled as “will possibly display poorly on a mobile phone”. Even so, the user experience on my relatively basic (by modern standards) Nokia 6021 was actually quite good (especially when considering that the device is not a smartphone and it failed the handheld media type test) whereas viewing the normal (non-mobile) version generated a “memory full” error.

So, it seems that preparing a WordPress site for the mobile web is actually pretty simple. I have a couple of tweaks to make in order to improve the ready.mobi test results (quick fixes ought to include support for access keys and working out why the page heading is being tagged as <h3> when the standard site uses an <h1> tag) but there is certainly no need for me to develop a separate site for mobile devices, which is just as well as it’s taking me ages to finish the redevelopment of the site (and I can save myself a few quid by not registering the markwilson.mobi domain)!

Links
The following links may be useful to anyone who is looking at developing content for the mobile web:

It may also be worth stopping by at Keni Barwick’s blog on all things mobile.

Nokia phone stops ringing

Yesterday, when my mobile phone rang it played the awful Nokia tune (I would never set that as my ringtone). Today, it decided that it wouldn’t make any sounds at all when incoming calls were received (although once answered, calls worked as intended). Then I realised, of course, it’s a computer. Time for a reboot. Problem solved. Bloody computers.

Portable applications – an alternative approach to mobile computing

I’ve been playing around with the idea of running operating systems from USB flash drives for a while now but the main problem is USB boot support in the hardware I use (most notably the Fujitsu Siemens Lifebook S7010D that I use for work doesn’t support it).

A while back I wrote about my experiences of booting Windows PE from a USB flash drive (and I believe that new versions of PE make this easier) but the reality is that I haven’t needed this – it’s not really anything more than a challenge that I set myself to see if it could be done and for those (up to now, theoretical) “system down” occasions there are CD-based solutions that I can use (e.g. Knoppix STD, Trinity Rescue Kit or Winternals Administrators Pak).

For other occasions (like working on someone else’s PC), there is the option of a portable application. I tried out two such packages tonight (my favourite Windows FTP program – FileZilla – and Mozilla Firefox) and was very impressed. Neither of these applications is installed on my wife’s Windows XP PC and yet I was able to run the portable versions of them both from my USB flash drive without leaving any files behind. It’s the ultimate in mobile computing – literally anytime, anyplace, anywhere – as long as you can borrow a (Windows) PC!

There are alternative solutions such as U3 and MojoPac but, as far as I can tell, these rely on kernel hacks to implement technology such as roaming desktops and the beauty of the Portable Applications solution is that, even though there is an application “suite” available, I can just run the individual applications that I need, on any Windows PC, without any specialist hardware – and it’s free.

Mobile working… without any devices

Today is not a good day. It’s a fairly normal Tuesday – up at 05:00, leave the house at 05:30 to avoid the traffic and be in the office in London (Docklands) by about 07:00; except that I was hungry, it took 15 minutes to get served at the McDonald’s drive thru’ (call that fast food?) and now I’m at my desk I’ve found that I left my notebook PC at home. Arghhhhh!

I hadn’t realised before that I can’t work without my notebook PC. This office doesn’t have any general use desktop PCs – just hot desks for mobile/notebook users; and my data isn’t on the network either – it’s on my PC and backed up to DVD and external hard disks at home. I feel like I’ve lost a limb (well, if I had really lost a limb I’m sure it would be much, much worse, but I’m sure you get my drift).

I can’t go home to pick it up because south-east England will be snarled up with traffic now, making it a 4-hour round trip (and I have a meeting at 10:30). Luckily, I’ve managed to borrow a notebook from one of the guys in the office for a few hours.

So, for the next 3 hours it’s Microsoft Exchange via Outlook Web Access and picking out tasks that don’t require access to my existing data. Then, after my meeting, I can make the 160-mile round trip to retrieve my lost limb and pick up my work where I left off previously before making my way to the hotel and this evening’s appointments. Now, what was I saying about not trusting Web 2.0 sites to hold my data? Alternatively, maybe I should start to work from home 5 days a week instead of just 2…

Windows Mobile device security

Over the years, I’ve attended various presentations featuring mobile access to data but most of them have been along the lines of “look at all this cool stuff I can do”. Last week I was at the Microsoft IT Security Summit and saw a slightly different angle on things as Jason Langridge presented a session on securing Windows Mobile devices – something which is becoming ever more important as we increasingly use mobile devices to access data on the move.

It’s surprising just how few people make any effort to secure their device and, according to Microsoft, only 25% of mobile users set even a password/PIN. Even so, that’s just the tip of the iceberg – mobile data exists in a variety of locations (including paper!) and whilst many IT Managers are concerned about data on smartphones, PDAs and USB devices, paradoxically, many notebook PCs have an unencrypted hard disk containing many gigabytes of data. A mobile security policy is different to a laptop security policy – and it’s more than just a set of technology recommendations – it should involve assessing the risk and deciding what data can safely be lost and what can’t. Ultimately there is a fundamental trade-off between security, usability and cost.

Potential mobile device security threats can come from a number of sources, including malware from applications of unknown origin, viruses, loss/theft, unauthorised access via a personal area network, wireless LAN, wireless WAN, LAN or through synchronisation with a desktop/notebook PC. Each of these represents a subsequent risk to a corporate network.

The Windows Mobile platform supports secure device configuration through 43 configuration service providers (CSPs). Each CSP is an XML document that can be used to lock down a device, for example to disable Bluetooth:


The diagram below illustrates the various methods of provisioning and control for mobile devices, from direct application installation or desktop ActiveSync, through in-ROM configuration to over-the-air provisioning from Exchange Server, WAP or the Open Mobile Alliance (OMA) industry standard for mobile device management.

Mobile device provisioning and control methods

The most secure method of configuring a mobile device is via a custom in-ROM configuration – i.e. hard-coded XML in ROM, run during every cold boot. This method needs to be configured by the OEM or system integrator who creates the device image.

Secure system updates provide for after-market updates to device configuration, even when mobile. Image updates (a new feature for Windows Mobile 5.0) can update system files ranging from the full image to a single file including handling dependency and conflict resolution. Controlled by the OEM or the mobile operator, image update packages are secured using cryptographic signatures.

Probably the simplest way to provide some form of perimeter security is using a PIN code or strong password (depending on the device), incorporating an exponential delay with each incorrect password. Such arrangements can now be enforced using the tools provided in Exchange Server 2003 SP2 and/or the Systems Management Server device management feature pack. Taking a look at Exchange Server 2003 SP2, it not only delivers improved access to Outlook data when mobile with reduced bandwidth usage and latency, direct push e-mail, additional Outlook properties and global address list lookup; but it also provides security policy provisioning for devices with password restrictions, certificate authentication, S/MIME and the ability to locally or remotely reset a mobile device.

Windows Mobile does not encrypt data on devices due to the impact on performance; however it does include a cryptographic API and SQL CE/SQL Mobile access provides 128-bit encryption. If data encryption on the device is required (bearing in mind that the volume of data involved is small and the observation that many notebook PCs representing a far larger security risk are unsecured) then third party solutions are available.

Mobile applications can be secured for both installation and execution. For installation, the .CAB file containing the application can be signed and is validated against certificates in the device certificate store. Similarly, .EXE/.DLL files (and .CPL files, which are a special .DLL) need to be signed and validated for execution. Users are asked to consent to install or execute signed code, and if consent is given, a hash of each file is added to a prompt exclusion list to avoid repeated prompts. Copying executable files to the device is not the same as installing them and will result in an execution prompt.

Windows Mobile application execution control works in one of two modes. In 1-tier mode, an application is either blocked from executing completely or runs as privileged/trusted. In 2-tier mode, an application could be signed for one of two different trust levels – either privileged, with access to registries, APIs and hardware interfaces; or unprivileged, with applications restricted from certain operations. Smartphones support 1- or 2-tier operation, whereas PocketPC devices are limited to a single tier.
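The install and execution decisions described above can be modelled in a few lines. This is an added example, not code from Windows Mobile or from the original post: the class and signer names are hypothetical, certificate validation is reduced to a set lookup, SHA-256 stands in for whatever hash the device uses, and the consent prompt is assumed to apply to code whose signer is in neither certificate store.

```python
import hashlib
from enum import Enum


class Outcome(Enum):
    PRIVILEGED = "run privileged"
    UNPRIVILEGED = "run unprivileged"
    BLOCKED = "blocked"


class ExecutionControl:
    """Toy model of 1-tier/2-tier execution control with a prompt exclusion list.

    Assumptions (not from the original post): signers are plain strings,
    "validation" is membership of one of two sets, and the user is prompted
    only for code whose signer is in neither set.
    """

    def __init__(self, tiers, privileged_signers, unprivileged_signers, ask_user):
        if tiers not in (1, 2):
            raise ValueError("tiers must be 1 or 2")
        self.tiers = tiers
        self.privileged_signers = set(privileged_signers)
        self.unprivileged_signers = set(unprivileged_signers)
        self.ask_user = ask_user            # callable(digest) -> bool
        self.prompt_exclusions = set()      # hashes the user already accepted
        self.prompts_shown = 0

    def _lowest_running_level(self):
        # 1-tier: anything allowed to run is privileged.
        # 2-tier: code outside the privileged store runs unprivileged.
        return Outcome.PRIVILEGED if self.tiers == 1 else Outcome.UNPRIVILEGED

    def decide(self, file_bytes, signer=None):
        """Return the Outcome for one .EXE/.DLL/.CAB given its bytes and signer."""
        if signer in self.privileged_signers:
            return Outcome.PRIVILEGED
        if signer in self.unprivileged_signers:
            return self._lowest_running_level()

        # Not validated against either store: consult the exclusion list,
        # which is keyed on the file's hash rather than its name or path.
        digest = hashlib.sha256(file_bytes).hexdigest()
        if digest not in self.prompt_exclusions:
            self.prompts_shown += 1
            if not self.ask_user(digest):
                return Outcome.BLOCKED
            self.prompt_exclusions.add(digest)
        return self._lowest_running_level()


if __name__ == "__main__":
    device = ExecutionControl(2, {"OEM"}, {"ISV"}, ask_user=lambda digest: True)
    print(device.decide(b"dialer", signer="OEM"))   # privileged
    print(device.decide(b"game", signer="ISV"))     # unprivileged
    print(device.decide(b"tool"))                   # prompt, then unprivileged
    print(device.decide(b"tool"))                   # no second prompt
    print(device.decide(b"tool-modified"))          # changed bytes prompt again
    print("prompts shown:", device.prompts_shown)
```

In this model a single "yes" on a 1-tier device gives unknown code privileged access, which is the practical difference between the two modes.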

Whilst application installation security can provide good protection against viruses and other malware, there are also anti-virus APIs built in to Windows Mobile with solutions available from a variety of vendors.

As new wireless network technologies come onstream, it is important to consider wide area network security too. Windows Mobile supports NTLM v2 as well as SSL, WPA and 802.1x user authentication using passwords or certificates. VPN support is also provided. From a personal area network (Bluetooth/infrared) perspective, peer-to-peer connections require interaction in order to accept data and CSPs are available to block both Bluetooth and IrDA object exchange (OBEX). By default, Bluetooth is turned off on Windows Mobile 5.0 devices, giving out-of-the-box protection against bluesnarfing (gaining access to personal information data) and bluejacking (unauthorised sending of messages to a device).
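A lockdown document of the kind described earlier (CSP XML that turns off Bluetooth and OBEX) can be checked against a baseline before it is provisioned. This is an added example, not the XML from the original post or from Microsoft: the characteristic and parm names (Bluetooth/BluetoothMode, Obex/IsEnabled) are assumptions to be checked against the CSP documentation for the device build, and the baseline is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed provisioning document for illustration. Characteristic and parm
# names are assumptions; verify them against the CSP documentation in use.
SAMPLE_LOCKDOWN = """\
<wap-provisioningdoc>
  <characteristic type="Bluetooth">
    <parm name="BluetoothMode" value="0"/>
  </characteristic>
  <characteristic type="Obex">
    <parm name="IsEnabled" value="1"/>
  </characteristic>
</wap-provisioningdoc>
"""

# Hypothetical baseline: (characteristic path, parm name) -> required value.
BASELINE = {
    ("Bluetooth", "BluetoothMode"): "0",   # radio off
    ("Obex", "IsEnabled"): "0",            # no Bluetooth/IrDA object exchange
}


def flatten(xml_text):
    """Return {(characteristic path, parm name): value} for a provisioning doc."""
    # Provisioning XML has no need for a DTD; refusing one avoids entity
    # expansion tricks when the document comes from an untrusted source.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not accepted")
    root = ET.fromstring(xml_text)
    if root.tag != "wap-provisioningdoc":
        raise ValueError("root element is not wap-provisioningdoc")

    settings = {}

    def walk(node, path):
        for child in node:
            if child.tag == "characteristic":
                # Characteristics can nest, so keep the full path.
                walk(child, path + (child.get("type", ""),))
            elif child.tag == "parm":
                key = ("/".join(path), child.get("name", ""))
                settings[key] = child.get("value", "")

    walk(root, ())
    return settings


def audit(xml_text, baseline=BASELINE):
    """Compare a document with the baseline; return a sorted list of findings."""
    settings = flatten(xml_text)
    findings = []
    for (path, name), required in baseline.items():
        actual = settings.get((path, name))
        if actual is None:
            findings.append(f"MISSING {path}/{name} (want {required})")
        elif actual != required:
            findings.append(f"WRONG {path}/{name}={actual} (want {required})")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOCKDOWN):
        print(finding)
```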

Jason summarised his presentation by pointing out that security is often used as a convenient excuse not to deploy mobile technology when what is really required is to establish a mobile security policy and to educate users.

A risk assessment must be made of each security scenario and risk management should be based on that assessment. Solutions should be automatically enforced but must also be acceptable to users (e.g. complex passwords will not work well on a smartphone!). Security is a combination of both a policy and technology but the policy must come before the technology choice (only when it is known what is to be protected from whom in which situations can it be decided how to secure it).

Suggested further reading
Microsoft mobile security white paper
Windows Mobile network security white paper

Enabling Outlook Mobile Access for Exchange Server 2003

A few years ago I attended an Exchange Server 2003 overview presented by Microsoft UK and Conchango (where I subsequently worked for a while) and got to play with Outlook Mobile Access (OMA) using an emulated mobile phone connection. I was pretty impressed (these were the days before smartphones became a reality) but haven’t used the functionality since. Until last night that was, when (inspired by a mobility presentation which Jason Langridge gave at the Microsoft UK Security Summit a couple of days back) I was tweaking a few settings on my Exchange server and decided to enable OMA.

For those who are not familiar with OMA, it supports mobile microbrowser access to Exchange Server 2003 for browsers that use HTML, extensible HTML (XHTML), wireless application protocol (WAP) 2.x or compressed HTML (CHTML) with access to Inbox, Calendar, Contacts, and Tasks as well as a searchable global address list and searchable Inbox folders.

OMA Main Menu

My handset is a fairly simple Nokia 6021 (but it does everything that I need it to) and is not on the list of supported handsets but there’s an option in Exchange System Manager to enable unsupported devices. After enabling OMA in the mobile services global settings (and optionally enabling unsupported devices) browsing to the server and reading my messages should be as simple as initiating a GPRS connection from my phone to my Exchange server (but with /oma instead of /exchange) and logging on (SMTP forwarding is also available but it requires the use of a WAP gateway and additional settings to define the mobile carrier).

Unfortunately my browse request was greeted with the following error message:

A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.

Additionally, Exchange Server logged the following error in the application event log:

Event Type: Error
Event Source: MSExchangeOMA
Event Category: (1000)
Event ID: 1503
Date: 06/07/2006
Time: 23:36:57
User: N/A
Computer: servername
Description:
An unknown error occurred while processing the current request:
Message: The remote server returned an error: (403) Forbidden.
Source: Microsoft.Exchange.OMA.ExchangeDataProvider
Stack trace:
at Microsoft.Exchange.OMA.ExchangeDataProvider.OmaWebRequest.GetRequestStream()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices.GetSpecialFolders()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices..ctor(UserInfo user)

Message: Exception has been thrown by the target of an invocation.
Source: mscorlib
Stack trace:
at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)

Message: Exception of type Microsoft.Exchange.OMA.DataProviderInterface.ProviderException was thrown.
EventMessage:
UserMessage: A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.
Source: Microsoft.Exchange.OMA.UserInterface
Stack trace:
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)
at System.Web.SessionState.SessionStateModule.RaiseOnStart(EventArgs e)
at System.Web.SessionState.SessionStateModule.CompleteAcquireState()
at System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData)
at System.Web.AsyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Microsoft knowledge base article 898131 suggested that the on-screen error may have been related to multiple server identities and incorrect host headers for the OMA website; however I didn’t find that to be the case (that is to say that the resolution I found works regardless of whether or not I change the host headers to include the NetBIOS name of my server, which is accessed externally using a totally different name). Microsoft knowledge base article 817379 was much more useful as it seems the issue is related to the fact that my server is only accessible using an SSL connection, forms-based authentication is enabled and I don’t have a dedicated front-end server. Following Microsoft’s advice to create a secondary virtual directory for Exchange that does not require SSL (/exchange-oma), and then adding a registry value to point to the new virtual directory resolved the issue for me.

I still access the server using HTTPS to https://exchangeservername/oma (external HTTP connections cannot reach my Exchange server) but this fix resolves the internal operations between OMA, the OWA templates and DAV on the mailbox server.

To read more about configuring OMA, an OMA 2003 tutorial is available at MSExchange.org. It’s also possible to test OMA using the Nokia mobile browser and WAP gateway simulators (which is what I used for the screenshot shown above).

Mobile messaging and Exchange Server 2003 SP2

This content is 19 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Apart from a short post announcing the arrival of Exchange Server 2003 service pack 2 (SP2), I haven’t written much on the topic. Often the first service pack for a product brings functionality that didn’t quite make it in time for the release. Second service packs are more likely to include features that have become significant in the market – for Windows XP that was security and for Exchange, that’s mobile messaging and tackling UCE – but SP2 also brings a number of other improvements:

  • Probably the most significant change for small businesses (and branch office deployments) is the increased storage potential for Exchange Server 2003 standard edition (now limited to 75GB, rather than the 16GB limit that existed previously). Of course, enterprise edition is still “unlimited”, but for those organisations running the standard edition, 16GB might only have been a few mailboxes!
  • SP2 also enhances some of the management tools – particularly with a “panic button” to prevent public folder replication (a lengthy process that was previously difficult to stop once started).
  • The Exchange Server 2003 intelligent message filter (IMF), previously a separate download, is now included in SP2. SP2 also supports SenderID – the proposal from Microsoft and others for validating that a message did actually originate from the organisation from which it claims to be.
  • Finally, on the mobile messaging front, SP2 adds direct push support, device and message security, and support for device policy provisioning.

I’m planning a separate post on tackling unsolicited commercial e-mail (UCE – commonly known as spam) using the IMF so here I’ll concentrate on the mobile messaging improvements in SP2.

At last week’s IT Forum ’05 highlights (part 2) event, Ewan Dalton (one of the Microsoft Exchange team members) demonstrated some of the new mobile technologies. I was quite impressed – up until now, Windows Mobile users only really had POP/IMAP/HTTP e-mail whilst BlackBerry users were bragging about their instant delivery (“push” e-mail). Actually, none of it is instant – there’s a polling mechanism in place and push does involve some pulling (as it does for BlackBerry), but even so it’s pretty good.

The ActiveSync direct push process works as follows:

  1. The mobile device sends a request to the Exchange Server front end server.
  2. The server holds the request pending until the heartbeat interval expires (default 15 minutes), effectively keeping a connection open but with no traffic.
  3. If no mail arrives before the heartbeat interval expires, the device sends another request but if new mail arrives in the meantime, the server notifies the device that changes have occurred in the mailbox.
  4. Upon receiving a response from the server, the device immediately issues a synchronisation request to pull e-mail. Once synchronised, the process restarts at step 1.
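The loop above as a small timing model, added here as an illustration and not taken from Microsoft or from the original post. It also shows why the HTTPS idle timeout recommended later in this post needs to be at least as long as the heartbeat interval; the function name, the silent-drop behaviour and the sample arrival times are assumptions of the model.

```python
"""Toy model of the direct push loop (added example; all times in seconds)."""

def simulate_direct_push(mail_arrivals, heartbeat_s=900, idle_timeout_s=1800,
                         end_s=3600):
    """Return (delays, dropped): per-mail delivery delay and silent drops.

    Assumptions of this model, not statements about Exchange internals:
    - a firewall/IIS idle timeout silently cuts a held connection after
      idle_timeout_s; the device only notices when its own heartbeat
      expires and it sends the next request (step 3);
    - a request that finds unsynchronised mail is answered at once.
    """
    waiting = sorted(mail_arrivals)   # mail not yet on the device
    delays, dropped, t = {}, 0, 0     # t = time the current request is sent
    while t < end_s:
        # Mail that arrived while no live request was pending: the server
        # answers this request immediately and the device syncs (step 4).
        late = [m for m in waiting if m <= t]
        if late:
            for m in late:
                delays[m] = t - m
            waiting = [m for m in waiting if m > t]
            continue                  # back to step 1 at the same time t
        expiry = t + heartbeat_s                       # step 2: held request
        alive_until = min(expiry, t + idle_timeout_s)  # when the path dies
        if waiting and waiting[0] <= alive_until:
            t = waiting[0]            # step 3: server notifies on arrival
            delays[t] = 0             # step 4: device syncs straight away
            waiting.pop(0)
            continue
        if alive_until < expiry:
            dropped += 1              # held request was cut before expiry
        t = expiry                    # step 3: heartbeat expired, re-request
    return delays, dropped


if __name__ == "__main__":
    constructed_arrivals = [600, 1400]   # constructed sample: mail at 10 and ~23 min
    for idle in (1800, 300):             # idle timeout above / below the heartbeat
        delays, dropped = simulate_direct_push(constructed_arrivals,
                                               idle_timeout_s=idle)
        print(f"idle timeout {idle}s: delays={delays} dropped={dropped}")
```

With the idle timeout below the heartbeat, every held request is cut and mail waits for the next heartbeat, so "push" degrades to polling at the heartbeat interval.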

In practice, I’m told that mail will probably be on the mobile device before it would arrive in Outlook in cached mode.

When asked about the cost of keeping the device connection open using the heartbeats, Microsoft replied that their testing indicates an extra 1MB of traffic per month; however, because the new ActiveSync is using GZIP compression, traffic levels have dropped by 50%, so it could actually result in lower bandwidth charges.

Another improvement with SP2 is the new mobile device policy functionality, allowing organisations to enforce device security requirements, e.g. password length, complexity, inactivity timeout, refresh interval and also the ability to wipe the device after a specified number of attempts (the handset would still be usable, but it would no longer contain any data). All of this can optionally be overridden with exceptions (e.g. for older devices which do not support the policy). Certificates are also supported in place of username and password/PIN combinations; however these need to be provisioned over a corporate network (not the mobile operator’s network).

Microsoft also demonstrated the ability to wipe a device when chosen from a list of devices associated with a user, sending a dummy contact which effectively applies a new policy and wipes the device. Because this is a notification, not an SMS message, it is effective immediately.

Using a traditional middleware approach (e.g. BlackBerry Server for Microsoft Exchange), device support is limited and the network operator has to be involved in mail delivery:

[Diagram: Mobile middleware]

With Windows Mobile and Exchange Server 2003 SP2, there is no middleware and devices connect via HTTPS straight into the corporate infrastructure:

[Diagram: Windows Mobile]

In practice, this looks something like the following:

[Diagram: Windows Mobile in the Enterprise]

Microsoft recommend using a domain-joined ISA Server with one NIC in the corporate network and another in a DMZ (i.e. behind another firewall) to pre-authenticate user requests. In this manner the front-end server no longer has to be located inside the DMZ and there are fewer firewall ports to be opened for Active Directory connectivity, decreasing the attack surface for the corporate network.

For scalability, Microsoft quote their own metrics from internal deployment.

  • Worldwide, the software giant has 106,000 user mailboxes with four front end hubs. About 25% of these mailboxes use mobile devices – and two thirds of these are smart phones with the remaining third running Pocket PC Phone Edition.
  • In Redmond alone, there are 60,000 mailboxes with all mobile services running on three Exchange Server 2003 SP2 servers (dual CPU and 2GB RAM). This breaks down to 20,000 simultaneous HTTP sessions per server (although they do concede that a more realistic benchmark would be 10-15,000 sessions). The same servers are used for Outlook Web Access (OWA) and Outlook RPC over HTTP.
  • ActiveSync uses a single HTTPS connection.
  • OWA uses 3 or 4 connections.
  • RPC over HTTP typically uses between 10 and 12 connections.
  • In the Europe, Middle East and Africa (EMEA) region, 9000 users are supported from one 5-node Exchange Server cluster in Dublin. Two of these are front end servers but one would be sufficient – the second is for resilience.
In order to use the new Exchange Server mobile functionality there are some device and server requirements:

  • The device must be running Windows Mobile 5.0 (older devices will work, but will not benefit from the SP2 improvements). Also, the messaging security feature pack (MSFP) is required for much of the new functionality – this is part of the adoption kit ROM update 2 (AKU2), currently being tested by network operators and expected to ship during March/April 2006. Device manufacturers can use an image update to refresh older Windows Mobile 5.0 devices that are already on the market.
  • The front end server needs to have Exchange Server 2003 SP2 installed. In addition, Microsoft recommend that the IIS and firewall HTTPS timeout is increased for the ActiveSync virtual directory (to between 15 and 30 minutes).

Other OEMs are licensing Exchange technologies so the new features will be supported on a broader range of devices (Palm, Nokia, Motorola, etc.). Another option is the use of third-party software, like the Java-based DataViz RoadSync.

Unusually feature-packed (for a service pack), SP2 is expected to be the last major functional improvement for Exchange Server 2003 but it brings a whole host of valuable functionality. Watch this space for more about the next version of Exchange Server (codenamed Exchange 12).