Developers guidelines June 2010

Microsoft Exchange ActiveSync (EAS) with Sony Ericsson phones

Developers guidelines | Exchange Active Sync (EAS)

Preface Purpose of this document These Developers guidelines describe the Microsoft® Exchange ActiveSync® implementation in Sony Ericsson phones and the communication methods and protocols used when synchronising email, calendar and contact items in the phone with a Microsoft Exchange server. The document is primarily intended for corporate IT personnel working with Microsoft Exchange server maintenance and operation. People who can benefit from this document are: • • • •

Corporate decision makers Corporate IT departments Microsoft Exchange server operators Operators and service providers

These Developers guidelines are published by:

This document is published by Sony Ericsson Mobile Communications AB, without any warranty*. Improvements and changes to this text necessitated by typographical errors, inaccuracies of current information or improvements to programs and/or equipment, may be made by Sony Ericsson Mobile Communications AB at any time and without notice. Such changes will, however, be incorporated into new editions of this document. Printed versions are to be regarded as temporary reference copies only.

Sony Ericsson Mobile Communications AB, SE-221 88 Lund, Sweden www.sonyericsson.com/ © Sony Ericsson Mobile Communications AB, 2008. All rights reserved. You are hereby granted a license to download and/or print a copy of this document. Any rights not expressly granted herein are reserved.

*All implied warranties, including without limitation the implied warranties of merchantability or fitness for a particular purpose, are excluded. In no event shall Sony Ericsson or its licensors be liable for incidental or consequential damages of any nature, including but not limited to lost profits or commercial loss, arising out of the use of the information in this document.

14th version (June 2010) Publication number: 1214-8413.14

2

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Sony Ericsson Developer World At www.sonyericsson.com/developer, developers find the latest technical documentation and development tools such as phone White papers, Developers guidelines for different technologies, Getting started tutorials, SDKs (Software Development Kits) and tool plugins. The Web site also features news articles, go-to-market advice, moderated discussion forums offering free technical support and a Wiki community sharing expertise and code examples. For more information about these professional services, go to the Sony Ericsson Developer World Web site.

Document conventions Products Sony Ericsson mobile phones are referred to in this document using generic names: Generic names Series

Sony Ericsson mobile phones

Windows Mobile phones: Aspen

Sony Ericsson Aspen™ M1i, Sony Ericsson Aspen™ M1a

X1

Xperia™ X1

X2

Xperia™ X2, Xperia™ X2a

Symbian™ OS UIQ phones: G700

G700, G700c, G700a

G900

G900, G900c

M600

M600, M608c

P1

P1i, P1c

P990

P990i, P990c

W950

W950i, W958c

W960

W960i

Sony Ericsson feature phones: Aino™

Aino™ U10i, Aino™ U10a

C510

C510, C510c, C510a

3

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Generic names Series

Sony Ericsson mobile phones

C702

C702, C702c, C702a

C901

C901, C901a, C901 GreenHeart™

C902

C902, C902c

C903

C903, C903a

C905

C905, C905c, C905a

Cedar

Sony Ericsson Cedar™ J108i, Sony Ericsson Cedar™ J108a

Elm

Sony Ericsson Elm™ J10, Sony Ericsson Elm™ J10i2

G502

G502, G502c

G705

G705, G705u

Hazel

Sony Ericsson Hazel™ J20, Sony Ericsson Hazel™ J20i

Jalou™

Jalou™ F100i, BeJoo™ F100i

K630

K630i

K660

K660i

K850

K850i, K858c

Naite™

Naite™ J105i, Naite™ J105a

Pureness™

Xperia™ Pureness™ X5, Xperia™ Pureness™ X5i

T700

T700

T707

T707, T707a

T715

T715, T715a

V640

V640i

W508

W508, W508c, W508a, W518a

W595

W595, W595s

W705

W705, W705u

W715

W715

W760

W760i, W760c

W890

W890i, W898c

W902

W902

W910

W910i, W908c

W980

W980i

W995

W995, W995a

Yari™

Yari™ U100i, Yari™ U100a

4

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Generic names Series

Sony Ericsson mobile phones

Z770

Z770i

Z780

Z780i, Z780a

Zylo

Sony Ericsson Zylo™ W20, Sony Ericsson Zylo™ W20i

Terminology and abbreviations EAS

Exchange ActiveSync

GAL

Global Address List

SSL

Secure Socket Layer

Trademarks and acknowledgements GreenHeart, Aino, BeJoo, Jalou, Naite, Pureness, Sony Ericsson Aspen, Sony Ericsson Cedar, Sony Ericsson Elm, Sony Ericsson Hazel, Sony Ericsson Zylo, Xperia and Yari are trademarks or registered trademarks of Sony Ericsson Mobile Communications AB. Symbian is a trademark or a registered trademark of Symbian Ltd. Microsoft and Exchange ActiveSync are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. DataViz is a trademark of DataViz, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners.

5

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Document history Change history 2008-07-22

Doc. no. 1214-8413.1

First version published on Developer World

2008-09-09

Doc. no. 1214-8413.2

Second version. Information about G705 added

2008-10-17

Doc. no. 1214-8413.2 (rev. B)

Second revised version. New document layout

2008-11-11

Doc. no. 1214-8413.3

Third version. Information about W705 added

2009-01-08

Doc. no. 1214-8413.4

Fourth version. Information about C510 and W508 series added

2009-02-15

Doc. no. 1214-8413.5

Fifth version. Information about C901, C903, W715 and W995 series added

2009-03-26

Doc. no. 1214-8413.6

Sixth version. Information about T707 series added

2009-06-01

Doc. no. 1214-8413.7

Seventh version. Information about Aino™ and Yari™ series added

2009-06-25

Doc. no. 1214-8413.8

Eighth version. Information about Naite™ and T715 series added

2009-08-12

Doc. no. 1214-8413.9

Ninth version. Information about Jalou™ series added

2009-10-26

Doc. no. 1214-8413.10

Tenth version. Information about X2 and Pureness™ phone series added

2009-12-10

Doc. no. 1214-8413.11

Eleventh version. Information about Elm and Hazel phone series added

2010-02-02

Doc. no. 1214-8413.12

12th version. Information about Aspen phone series added

2010-04-13

Doc. no. 1214-8413.13

13th version. Information about Zylo phone series added

2010-06-16

Doc. no. 1214-8413.14

14th version. Information about Cedar phone series added

6

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Contents Overview ......................................................................................................................8 EAS features overview ..............................................................................................8 EAS system architecture ..........................................................................................10 Supported features .................................................................................................11 EAS server settings .................................................................................................12 SSL certificates .......................................................................................................13 Installing root certificates in a phone ...................................................................14 EAS client features and settings .............................................................................15 EAS client in Sony Ericsson Symbian OS UIQ phones .......................................15 EAS client in Sony Ericsson feature phones ........................................................18

7

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Overview Microsoft Exchange ActiveSync provides a secure, wireless, direct push synchronisation of corporate email, calendar items, contacts and tasks in one easy to manage package. The phones in this document, except the M600, P990 and W950 series, are delivered with a preinstalled Exchange ActiveSync (EAS) client software supporting synchronisation of email, calendar items and contacts. The client software for M600, P990 and W950 series is available for download at www.sonyericsson.com/support. The EAS client needs to be set up to communicate with a Microsoft Exchange server using the EAS protocol. The client communicates with the server using standard Internet account settings in the phone. Access to the Exchange server is normally granted via the Exchange Client Access License, as provided for example via an Outlook or Outlook Web Access account possessed by the user. Normally the user logs in to the Exchange server using the same user name and password as when logging in to the corporate network. The Sony Ericsson EAS client support synchronising of email, contacts and calendar items with the corresponding items on the Exchange server. Which items to synchronise, time intervals, size limits, and so on, are chosen via client software settings in the phone.

EAS features overview The EAS clients in Sony Ericsson phones are primarily designed to communicate with Microsoft Exchange server 2003. They also work with Microsoft Exchange server 2007, but none of the new features in this server version are supported. The following features are supported: • Wireless synchronisation of emails, calendar items and contacts • Direct push (requires Exchange server 2003 SP2 or higher) or scheduled synchronisation • Full attachment support, both sending and receiving (Symbian phones only) • Secure transmission of sensitive data, SSL encrypted transport over port 443 • Global Address List (GAL) lookup is supported in Symbian phones, but items received from the server must be stored in Contacts before it can be used • Remote wipe. All emails, calendar items and contacts and the EAS profile in the phone may be removed by Exchange server administrators. On later Symbian phone models, the entire phone is wiped, that is, its file system is formatted

8

June 2010

Developers guidelines | Exchange Active Sync (EAS)

• Password enforcement (Symbian phones only). If activated, the server forces the user to enter a password after a certain time of phone inactivity. All password rules supported on Exchange server 2003 SP2 can be applied to this password

9

June 2010

Developers guidelines | Exchange Active Sync (EAS)

EAS system architecture

The figure illustrates the recommended EAS system configuration with front end and back end Exchange servers behind a firewall. The EAS client in the phone communicates with the Exchange server over the Internet, using an activated operator Internet account over GPRS or UMTS/HSDPA. Internet connection via WLAN is also supported. WAP connections should be avoided. Synchronisations are initiated on timed intervals or via Direct Push, depending on EAS client settings in the phone. It is also possible to initiate synchronisations manually. When Direct Push is set in the client the server initiates a synchronisation session whenever there is a change in Exchange data, for example, if a new email has arrived or a new appointment has been registered in the calendar. A notification is sent to the EAS client in the phone which initiates the data transfer between client and server. On scheduled synchronisation the EAS client initiates Exchange ActiveSync sessions on the set time intervals by notifying the server. The server checks if any new emails have arrived or PIM items have changed since the last synchronisation session and responds to the EAS client. The data transfer is then initiated.

10

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Supported features The EAS implementation differs slightly between Sony Ericsson Symbian OS UIQ phones and Sony Ericsson feature phones. The Exchange ActiveSync client software in Sony Ericsson phones is provided by DataViz™ and is preinstalled in most of the phones mentioned in this document. For M600, P990 and W950 phones, the software is available for download at www.sonyericsson.com/support. Recommended software version is 2.015 or higher. Sony Ericsson phones support EAS protocol version 2.5. The following features are supported. Function

Exchange ActiveSync server, Aspen, X1 and X2 phones

Symbian OS phones (except M600, P990, W950 and early P1 phones)

M600, P990, Feature W950 and early phones P1 phones

Attachments

Full

Full

Full

Yes (No viewers)

Subfolders

Yes

No

No

No

Direct Push

Yes

Yes

Yes

Yes

Scheduled sync

Yes

Yes

Yes

Yes

Email sync

Yes

Yes

Yes

Yes

Calendar sync

Yes

Yes

Yes

Yes

Contacts sync

Yes

Yes

Yes

Yes

Task sync

Yes

No

No

No

Sent items sync

Yes

Items are only stored in the phone

Items are only stored in the phone

Items are only stored in the phone

Sync of Contact images

Yes

No

No

No

Meeting request, send

Yes

No

No

No

Meeting request, receive

Yes

Yes

Yes

No

Meeting request, reply

Yes

Yes

Yes

No

Global Address Lookup (GAL)

Yes

Yes

Yes

No

Remote wipe (IT wipe)

Yes, Full

Yes, Full

PIM data only

PIM data only

Exchange 2003 server policy settings

Yes

Yes

Limited support No

11

June 2010

Developers guidelines | Exchange Active Sync (EAS)

EAS server settings For detailed information about Exchange ActiveSync server features and settings, see Mobile Messaging with Exchange ActiveSync, White Paper, available at http://www.microsoft.com/exchange/evaluation/features/mobileaccesswp.mspx To make EAS clients in Sony Ericsson phones work properly with the server, the following settings on the server are required: • “User Initiated Synchronisation” must be enabled in “Server settings”, “Exchange Features” tab • “User Initiated Synchronisation” must also be enabled in the “Mobile Services Properties” dialog • “Enable Direct Push over HTTP(s)” should be checked in the “Mobile Services Properties” dialog (valid for Exchange server 2003 SP2 or higher)

• With Direct Push enabled, the phone EAS client keeps an idle HTTP(s) connection open to the server during the heartbeat interval. To secure that Direct Push works properly the firewall time-out value should be set to at least 15 minutes to allow the idle connection to persist. Note: In earlier Symbian OS phones, the heartbeat interval (Push cycle interval) could be set in the client, but in all phones mentioned in this document, this interval is set automatically via an adoptive algorithm • If any of the settings in the “Device Security Settings” dialog are checked, the “Allow access to devices that do not fully support password settings” checkbox must also be checked for EAS to work with Sony Ericsson feature phones. The M600, P990, W950 and early P1 phones only support the “Enforce password on device” setting

12

June 2010

Developers guidelines | Exchange Active Sync (EAS)

• Microsoft recommends that Exchange ActiveSync server environments are configured with both back end and front end servers. In configurations with only a back end server, the following settings are required: • The Exchange virtual directory on the Exchange back end server must not be configured to require SSL • Forms-based authentication must be disabled More information about these and other issues can be found in Microsoft’s knowledge base article “Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003”, available at: http://support.microsoft.com/kb/817379/en-us

SSL certificates Data transfer between the Exchange server and phone is made secure by applying SSL security to the HTTP protocol. This requires that the phone has a root certificate which match the certificate on the server during the SSL handshake to verify the identity of the server. All Sony Ericsson phones include a series of Certificate Authority (CA) root certificates issued by various companies. Most feature phones include root certificates from Entrust, Equifax, GlobalSign, Thawte and Verisign. The list of root certificates installed in a feature phone can be viewed by selecting Settings from the desktop, then selecting Security – Certificates – Trusted certificates. Most Symbian phones include root certificates from Baltimore, Entrust, Equifax, Geotrust, Globalsign, GTE, RSA Data, VeriSign and Thawte. The list of root certificates installed in a Symbian phone can be viewed by selecting Tools from the menu, starting the Control Panel application and selecting Security – Certificate Manager – the CA tab.

13

June 2010

Developers guidelines | Exchange Active Sync (EAS)

There are mainly three ways to handle SSL security with EAS: • An SSL certificate matching one of the root certificates included with the phone is installed on the server. The server certificate has to be purchased from the CA who issued the preferred root certificate. • An SSL certificate created on the server, based on a custom root certificate which is not present in the phone. For example, this may be the case when the company has a certificate of their own. In this case this custom root certificate must be installed on the phone. • Microsoft Small Business Server (SBS) is used. SBS usually generates a self-signed SSL certificate, which is not a root certificate and can therefore not be used as a certificate on the phone. The root certificate used to generate the self-signed certificate has to be installed on the phone instead.

Installing root certificates in a phone If the SSL certificate on the server is based on a root certificate that is not installed in the phone, this root certificate has to be installed on the phone to make EAS work. A root certificate to install on a phone must be either binary (DER) or base64 (PEM) encoded and the file format .cer. The certificate can be transferred to the phone in several ways. With feature phones the preferred method is to transfer the file over a Bluetooth connection and store it in phone memory or on a memory card. When the .cer file is opened, the certificate installs itself on the phone. The same method is applicable to Symbian phones but it is also possible to send the certificate file as an email attachment. A certificate file can also be downloaded to the phone, provided that its MIME type is “application/x-x509-ca-cert” on the download server.

Retrieving a custom root certificate from a server. If your server has a custom root certificate, rather than one issued by a CA, the following method can be used to install this root certificate on the phone: 1. On a desktop computer, use any Web browser and navigate to http://servername/ OMA. 2. Double click the “lock” icon in the bottom right hand corner of the browser window. This brings up the certificate information for the CA used on this site. 3. Double click the least indented entry in the certificate list, this is usually at the top of the list and is the root certificate. 4. Select the Details tab and click the Copy to File button. This starts the export process. 5. Export the file as a DER encoded binary (default). 6. Transfer the file to your phone and open it to install the certificate.

14

June 2010

Developers guidelines | Exchange Active Sync (EAS)

Retrieving a root certificate from an SBS server The following method can be used to retrieve a root certificate file on an SBS server and install it on a phone: 1. Install Windows Certificate Services from Windows Components. Both Certificates Services CA and Certificates Services Web are required. 2. On a desktop computer, use any Web browser and navigate to http://servername/ certsrv to download the CA certificate. Make sure it is DER encoded. 3. Transfer the file to your phone and open it to install the certificate.

EAS client features and settings EAS client in Sony Ericsson Symbian OS UIQ phones Note: Before setting up the EAS client, an Internet account must be defined in the phone. Note: The actual layout of setup screens may differ slightly between phone models. 1 “ActiveSync” wizard When the EAS client application is started for the first time, a setup wizard guides the user through five setup steps.

2 Server settings In step 2 of the wizard, the user enters the following: • User name and password for login to the Exchange server, typically the user name and password used to login to the corporate network • Server name. URL of the Exchange server. Note that the server name should not include “https://” • Domain. The server domain the user belongs to in the corporate network • SSL. This setting is enabled by default. Note that SSL must be disabled if it is disabled on the server, for example, when only a back end server is used

15

June 2010

Developers guidelines | Exchange Active Sync (EAS)

3 PC Suite disabled The user is informed that PC Suite synchronisation will be disabled to avoid conflicts between the two synchronisation methods.

4 Overwrite or merge data The user may select whether Exchange server data should overwrite data in the phone or merge. Overwrite is recommended to avoid duplicates.

5 Setup ready The user is given the options to start using the application or continue with more refined settings as below. These settings are also available by selecting Entertainment – Exchange ActiveSync from the phone desktop.

6a Edit server settings Here the user can change user name and password and other server settings.

16

June 2010

Developers guidelines | Exchange Active Sync (EAS)

6b Synchronisation scheduling The user can enable/disable Direct Push. If Push is disabled, the user may select an appropriate synchronisation schedule. There is also an option to allow or not allow synchronisation when roaming.

6c Email synchronisation settings The user can enable/disable email syncronisation and edit email sync settings, among others: • Date range, to allow limitation of how old emails from the Exchange inbox are shown in the phone • Email size, allowing the user to choose how much of an email can be viewed in the phone • Delete sent items, after how long time a sent email is deleted

6d Calendar synchronisation settings The user can enable/disable calendar synchronisation and set the date range for calendar items to be shown in the phone. It is also possible to reset calendar data, which erases all present calendar items in the phone. Data stored on the server is then downloaded in the next synchronisation.

6e Contacts synchronisation settings The user can enable/disable Contacts synchronisation and reset contacts data, which erases all present contacts items in the phone. Data stored on the server is then downloaded in the next synchronisation.

17

June 2010

Developers guidelines | Exchange Active Sync (EAS)

EAS client in Sony Ericsson feature phones Note: Before setting up the EAS client, an Internet account must be activated in the phone. Note: The actual layout of setup screens may differ slightly between phone models. 1 Synchronisation settings The user selects Settings – Connectivity from the desktop. Synchronisation settings are also available by selecting Organiser from the desktop.

2a New account The user selects the account type Exchange ActiveSync.

2b Name the account The user enters the name of the account.

3 Server settings The user enters the following: • Server address. URL of the Exchange server • Domain. The server domain the user belongs to in the corporate network • User name and password for login to the Exchange server, typically the user name and password used to login to the corporate network

18

June 2010

Developers guidelines | Exchange Active Sync (EAS)

4 Select data to synchronise The user checks which application data to synchronise.

5a Email synchronisation settings The user can edit email synchronisation settings, among others: • Message size, allowing the user to choose how much of an email can be viewed in the phone • Attachment size, allowing the user whether to download attachments or not, and if so, limit the maximum size of attachments to download • Date range, to allow limitation of how old emails from the Exchange inbox are shown in the phone • The user may also define a signature which will be included in all emails sent from the phone 5b Calendar synchronisation settings The user can set the date range for calendar items to be shown in the phone, up to 4 months back in time.

5c Advanced synchronisation settings The user can set Direct Push On or Off. If Push is set Off, the user may select an appropriate synchronisation schedule. There is also an option to allow synchronisation only on the Home Network or on all networks. SSL is enabled by setting Secure connection to On.

19

June 2010