Developers guidelines June 2010
Microsoft Exchange ActiveSync (EAS) with Sony Ericsson phones
Developers guidelines | Exchange Active Sync (EAS)
Preface Purpose of this document These Developers guidelines describe the Microsoft® Exchange ActiveSync® implementation in Sony Ericsson phones and the communication methods and protocols used when synchronising email, calendar and contact items in the phone with a Microsoft Exchange server. The document is primarily intended for corporate IT personnel working with Microsoft Exchange server maintenance and operation. People who can benefit from this document are: • • • •
Corporate decision makers Corporate IT departments Microsoft Exchange server operators Operators and service providers
These Developers guidelines are published by:
This document is published by Sony Ericsson Mobile Communications AB, without any warranty*. Improvements and changes to this text necessitated by typographical errors, inaccuracies of current information or improvements to programs and/or equipment, may be made by Sony Ericsson Mobile Communications AB at any time and without notice. Such changes will, however, be incorporated into new editions of this document. Printed versions are to be regarded as temporary reference copies only.
Sony Ericsson Mobile Communications AB, SE-221 88 Lund, Sweden www.sonyericsson.com/ © Sony Ericsson Mobile Communications AB, 2008. All rights reserved. You are hereby granted a license to download and/or print a copy of this document. Any rights not expressly granted herein are reserved.
*All implied warranties, including without limitation the implied warranties of merchantability or fitness for a particular purpose, are excluded. In no event shall Sony Ericsson or its licensors be liable for incidental or consequential damages of any nature, including but not limited to lost profits or commercial loss, arising out of the use of the information in this document.
14th version (June 2010) Publication number: 1214-8413.14
2
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Sony Ericsson Developer World At www.sonyericsson.com/developer, developers find the latest technical documentation and development tools such as phone White papers, Developers guidelines for different technologies, Getting started tutorials, SDKs (Software Development Kits) and tool plugins. The Web site also features news articles, go-to-market advice, moderated discussion forums offering free technical support and a Wiki community sharing expertise and code examples. For more information about these professional services, go to the Sony Ericsson Developer World Web site.
Document conventions Products Sony Ericsson mobile phones are referred to in this document using generic names: Generic names Series
Sony Ericsson mobile phones
Windows Mobile phones: Aspen
Sony Ericsson Aspen™ M1i, Sony Ericsson Aspen™ M1a
X1
Xperia™ X1
X2
Xperia™ X2, Xperia™ X2a
Symbian™ OS UIQ phones: G700
G700, G700c, G700a
G900
G900, G900c
M600
M600, M608c
P1
P1i, P1c
P990
P990i, P990c
W950
W950i, W958c
W960
W960i
Sony Ericsson feature phones: Aino™
Aino™ U10i, Aino™ U10a
C510
C510, C510c, C510a
3
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Generic names Series
Sony Ericsson mobile phones
C702
C702, C702c, C702a
C901
C901, C901a, C901 GreenHeart™
C902
C902, C902c
C903
C903, C903a
C905
C905, C905c, C905a
Cedar
Sony Ericsson Cedar™ J108i, Sony Ericsson Cedar™ J108a
Elm
Sony Ericsson Elm™ J10, Sony Ericsson Elm™ J10i2
G502
G502, G502c
G705
G705, G705u
Hazel
Sony Ericsson Hazel™ J20, Sony Ericsson Hazel™ J20i
Jalou™
Jalou™ F100i, BeJoo™ F100i
K630
K630i
K660
K660i
K850
K850i, K858c
Naite™
Naite™ J105i, Naite™ J105a
Pureness™
Xperia™ Pureness™ X5, Xperia™ Pureness™ X5i
T700
T700
T707
T707, T707a
T715
T715, T715a
V640
V640i
W508
W508, W508c, W508a, W518a
W595
W595, W595s
W705
W705, W705u
W715
W715
W760
W760i, W760c
W890
W890i, W898c
W902
W902
W910
W910i, W908c
W980
W980i
W995
W995, W995a
Yari™
Yari™ U100i, Yari™ U100a
4
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Generic names Series
Sony Ericsson mobile phones
Z770
Z770i
Z780
Z780i, Z780a
Zylo
Sony Ericsson Zylo™ W20, Sony Ericsson Zylo™ W20i
Terminology and abbreviations EAS
Exchange ActiveSync
GAL
Global Address List
SSL
Secure Socket Layer
Trademarks and acknowledgements GreenHeart, Aino, BeJoo, Jalou, Naite, Pureness, Sony Ericsson Aspen, Sony Ericsson Cedar, Sony Ericsson Elm, Sony Ericsson Hazel, Sony Ericsson Zylo, Xperia and Yari are trademarks or registered trademarks of Sony Ericsson Mobile Communications AB. Symbian is a trademark or a registered trademark of Symbian Ltd. Microsoft and Exchange ActiveSync are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. DataViz is a trademark of DataViz, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners.
5
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Document history Change history 2008-07-22
Doc. no. 1214-8413.1
First version published on Developer World
2008-09-09
Doc. no. 1214-8413.2
Second version. Information about G705 added
2008-10-17
Doc. no. 1214-8413.2 (rev. B)
Second revised version. New document layout
2008-11-11
Doc. no. 1214-8413.3
Third version. Information about W705 added
2009-01-08
Doc. no. 1214-8413.4
Fourth version. Information about C510 and W508 series added
2009-02-15
Doc. no. 1214-8413.5
Fifth version. Information about C901, C903, W715 and W995 series added
2009-03-26
Doc. no. 1214-8413.6
Sixth version. Information about T707 series added
2009-06-01
Doc. no. 1214-8413.7
Seventh version. Information about Aino™ and Yari™ series added
2009-06-25
Doc. no. 1214-8413.8
Eighth version. Information about Naite™ and T715 series added
2009-08-12
Doc. no. 1214-8413.9
Ninth version. Information about Jalou™ series added
2009-10-26
Doc. no. 1214-8413.10
Tenth version. Information about X2 and Pureness™ phone series added
2009-12-10
Doc. no. 1214-8413.11
Eleventh version. Information about Elm and Hazel phone series added
2010-02-02
Doc. no. 1214-8413.12
12th version. Information about Aspen phone series added
2010-04-13
Doc. no. 1214-8413.13
13th version. Information about Zylo phone series added
2010-06-16
Doc. no. 1214-8413.14
14th version. Information about Cedar phone series added
6
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Contents Overview ......................................................................................................................8 EAS features overview ..............................................................................................8 EAS system architecture ..........................................................................................10 Supported features .................................................................................................11 EAS server settings .................................................................................................12 SSL certificates .......................................................................................................13 Installing root certificates in a phone ...................................................................14 EAS client features and settings .............................................................................15 EAS client in Sony Ericsson Symbian OS UIQ phones .......................................15 EAS client in Sony Ericsson feature phones ........................................................18
7
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Overview Microsoft Exchange ActiveSync provides a secure, wireless, direct push synchronisation of corporate email, calendar items, contacts and tasks in one easy to manage package. The phones in this document, except the M600, P990 and W950 series, are delivered with a preinstalled Exchange ActiveSync (EAS) client software supporting synchronisation of email, calendar items and contacts. The client software for M600, P990 and W950 series is available for download at www.sonyericsson.com/support. The EAS client needs to be set up to communicate with a Microsoft Exchange server using the EAS protocol. The client communicates with the server using standard Internet account settings in the phone. Access to the Exchange server is normally granted via the Exchange Client Access License, as provided for example via an Outlook or Outlook Web Access account possessed by the user. Normally the user logs in to the Exchange server using the same user name and password as when logging in to the corporate network. The Sony Ericsson EAS client support synchronising of email, contacts and calendar items with the corresponding items on the Exchange server. Which items to synchronise, time intervals, size limits, and so on, are chosen via client software settings in the phone.
EAS features overview The EAS clients in Sony Ericsson phones are primarily designed to communicate with Microsoft Exchange server 2003. They also work with Microsoft Exchange server 2007, but none of the new features in this server version are supported. The following features are supported: • Wireless synchronisation of emails, calendar items and contacts • Direct push (requires Exchange server 2003 SP2 or higher) or scheduled synchronisation • Full attachment support, both sending and receiving (Symbian phones only) • Secure transmission of sensitive data, SSL encrypted transport over port 443 • Global Address List (GAL) lookup is supported in Symbian phones, but items received from the server must be stored in Contacts before it can be used • Remote wipe. All emails, calendar items and contacts and the EAS profile in the phone may be removed by Exchange server administrators. On later Symbian phone models, the entire phone is wiped, that is, its file system is formatted
8
June 2010
Developers guidelines | Exchange Active Sync (EAS)
• Password enforcement (Symbian phones only). If activated, the server forces the user to enter a password after a certain time of phone inactivity. All password rules supported on Exchange server 2003 SP2 can be applied to this password
9
June 2010
Developers guidelines | Exchange Active Sync (EAS)
EAS system architecture
The figure illustrates the recommended EAS system configuration with front end and back end Exchange servers behind a firewall. The EAS client in the phone communicates with the Exchange server over the Internet, using an activated operator Internet account over GPRS or UMTS/HSDPA. Internet connection via WLAN is also supported. WAP connections should be avoided. Synchronisations are initiated on timed intervals or via Direct Push, depending on EAS client settings in the phone. It is also possible to initiate synchronisations manually. When Direct Push is set in the client the server initiates a synchronisation session whenever there is a change in Exchange data, for example, if a new email has arrived or a new appointment has been registered in the calendar. A notification is sent to the EAS client in the phone which initiates the data transfer between client and server. On scheduled synchronisation the EAS client initiates Exchange ActiveSync sessions on the set time intervals by notifying the server. The server checks if any new emails have arrived or PIM items have changed since the last synchronisation session and responds to the EAS client. The data transfer is then initiated.
10
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Supported features The EAS implementation differs slightly between Sony Ericsson Symbian OS UIQ phones and Sony Ericsson feature phones. The Exchange ActiveSync client software in Sony Ericsson phones is provided by DataViz™ and is preinstalled in most of the phones mentioned in this document. For M600, P990 and W950 phones, the software is available for download at www.sonyericsson.com/support. Recommended software version is 2.015 or higher. Sony Ericsson phones support EAS protocol version 2.5. The following features are supported. Function
Exchange ActiveSync server, Aspen, X1 and X2 phones
Symbian OS phones (except M600, P990, W950 and early P1 phones)
M600, P990, Feature W950 and early phones P1 phones
Attachments
Full
Full
Full
Yes (No viewers)
Subfolders
Yes
No
No
No
Direct Push
Yes
Yes
Yes
Yes
Scheduled sync
Yes
Yes
Yes
Yes
Email sync
Yes
Yes
Yes
Yes
Calendar sync
Yes
Yes
Yes
Yes
Contacts sync
Yes
Yes
Yes
Yes
Task sync
Yes
No
No
No
Sent items sync
Yes
Items are only stored in the phone
Items are only stored in the phone
Items are only stored in the phone
Sync of Contact images
Yes
No
No
No
Meeting request, send
Yes
No
No
No
Meeting request, receive
Yes
Yes
Yes
No
Meeting request, reply
Yes
Yes
Yes
No
Global Address Lookup (GAL)
Yes
Yes
Yes
No
Remote wipe (IT wipe)
Yes, Full
Yes, Full
PIM data only
PIM data only
Exchange 2003 server policy settings
Yes
Yes
Limited support No
11
June 2010
Developers guidelines | Exchange Active Sync (EAS)
EAS server settings For detailed information about Exchange ActiveSync server features and settings, see Mobile Messaging with Exchange ActiveSync, White Paper, available at http://www.microsoft.com/exchange/evaluation/features/mobileaccesswp.mspx To make EAS clients in Sony Ericsson phones work properly with the server, the following settings on the server are required: • “User Initiated Synchronisation” must be enabled in “Server settings”, “Exchange Features” tab • “User Initiated Synchronisation” must also be enabled in the “Mobile Services Properties” dialog • “Enable Direct Push over HTTP(s)” should be checked in the “Mobile Services Properties” dialog (valid for Exchange server 2003 SP2 or higher)
• With Direct Push enabled, the phone EAS client keeps an idle HTTP(s) connection open to the server during the heartbeat interval. To secure that Direct Push works properly the firewall time-out value should be set to at least 15 minutes to allow the idle connection to persist. Note: In earlier Symbian OS phones, the heartbeat interval (Push cycle interval) could be set in the client, but in all phones mentioned in this document, this interval is set automatically via an adoptive algorithm • If any of the settings in the “Device Security Settings” dialog are checked, the “Allow access to devices that do not fully support password settings” checkbox must also be checked for EAS to work with Sony Ericsson feature phones. The M600, P990, W950 and early P1 phones only support the “Enforce password on device” setting
12
June 2010
Developers guidelines | Exchange Active Sync (EAS)
• Microsoft recommends that Exchange ActiveSync server environments are configured with both back end and front end servers. In configurations with only a back end server, the following settings are required: • The Exchange virtual directory on the Exchange back end server must not be configured to require SSL • Forms-based authentication must be disabled More information about these and other issues can be found in Microsoft’s knowledge base article “Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003”, available at: http://support.microsoft.com/kb/817379/en-us
SSL certificates Data transfer between the Exchange server and phone is made secure by applying SSL security to the HTTP protocol. This requires that the phone has a root certificate which match the certificate on the server during the SSL handshake to verify the identity of the server. All Sony Ericsson phones include a series of Certificate Authority (CA) root certificates issued by various companies. Most feature phones include root certificates from Entrust, Equifax, GlobalSign, Thawte and Verisign. The list of root certificates installed in a feature phone can be viewed by selecting Settings from the desktop, then selecting Security – Certificates – Trusted certificates. Most Symbian phones include root certificates from Baltimore, Entrust, Equifax, Geotrust, Globalsign, GTE, RSA Data, VeriSign and Thawte. The list of root certificates installed in a Symbian phone can be viewed by selecting Tools from the menu, starting the Control Panel application and selecting Security – Certificate Manager – the CA tab.
13
June 2010
Developers guidelines | Exchange Active Sync (EAS)
There are mainly three ways to handle SSL security with EAS: • An SSL certificate matching one of the root certificates included with the phone is installed on the server. The server certificate has to be purchased from the CA who issued the preferred root certificate. • An SSL certificate created on the server, based on a custom root certificate which is not present in the phone. For example, this may be the case when the company has a certificate of their own. In this case this custom root certificate must be installed on the phone. • Microsoft Small Business Server (SBS) is used. SBS usually generates a self-signed SSL certificate, which is not a root certificate and can therefore not be used as a certificate on the phone. The root certificate used to generate the self-signed certificate has to be installed on the phone instead.
Installing root certificates in a phone If the SSL certificate on the server is based on a root certificate that is not installed in the phone, this root certificate has to be installed on the phone to make EAS work. A root certificate to install on a phone must be either binary (DER) or base64 (PEM) encoded and the file format .cer. The certificate can be transferred to the phone in several ways. With feature phones the preferred method is to transfer the file over a Bluetooth connection and store it in phone memory or on a memory card. When the .cer file is opened, the certificate installs itself on the phone. The same method is applicable to Symbian phones but it is also possible to send the certificate file as an email attachment. A certificate file can also be downloaded to the phone, provided that its MIME type is “application/x-x509-ca-cert” on the download server.
Retrieving a custom root certificate from a server. If your server has a custom root certificate, rather than one issued by a CA, the following method can be used to install this root certificate on the phone: 1. On a desktop computer, use any Web browser and navigate to http://servername/ OMA. 2. Double click the “lock” icon in the bottom right hand corner of the browser window. This brings up the certificate information for the CA used on this site. 3. Double click the least indented entry in the certificate list, this is usually at the top of the list and is the root certificate. 4. Select the Details tab and click the Copy to File button. This starts the export process. 5. Export the file as a DER encoded binary (default). 6. Transfer the file to your phone and open it to install the certificate.
14
June 2010
Developers guidelines | Exchange Active Sync (EAS)
Retrieving a root certificate from an SBS server The following method can be used to retrieve a root certificate file on an SBS server and install it on a phone: 1. Install Windows Certificate Services from Windows Components. Both Certificates Services CA and Certificates Services Web are required. 2. On a desktop computer, use any Web browser and navigate to http://servername/ certsrv to download the CA certificate. Make sure it is DER encoded. 3. Transfer the file to your phone and open it to install the certificate.
EAS client features and settings EAS client in Sony Ericsson Symbian OS UIQ phones Note: Before setting up the EAS client, an Internet account must be defined in the phone. Note: The actual layout of setup screens may differ slightly between phone models. 1 “ActiveSync” wizard When the EAS client application is started for the first time, a setup wizard guides the user through five setup steps.
2 Server settings In step 2 of the wizard, the user enters the following: • User name and password for login to the Exchange server, typically the user name and password used to login to the corporate network • Server name. URL of the Exchange server. Note that the server name should not include “https://” • Domain. The server domain the user belongs to in the corporate network • SSL. This setting is enabled by default. Note that SSL must be disabled if it is disabled on the server, for example, when only a back end server is used
15
June 2010
Developers guidelines | Exchange Active Sync (EAS)
3 PC Suite disabled The user is informed that PC Suite synchronisation will be disabled to avoid conflicts between the two synchronisation methods.
4 Overwrite or merge data The user may select whether Exchange server data should overwrite data in the phone or merge. Overwrite is recommended to avoid duplicates.
5 Setup ready The user is given the options to start using the application or continue with more refined settings as below. These settings are also available by selecting Entertainment – Exchange ActiveSync from the phone desktop.
6a Edit server settings Here the user can change user name and password and other server settings.
16
June 2010
Developers guidelines | Exchange Active Sync (EAS)
6b Synchronisation scheduling The user can enable/disable Direct Push. If Push is disabled, the user may select an appropriate synchronisation schedule. There is also an option to allow or not allow synchronisation when roaming.
6c Email synchronisation settings The user can enable/disable email syncronisation and edit email sync settings, among others: • Date range, to allow limitation of how old emails from the Exchange inbox are shown in the phone • Email size, allowing the user to choose how much of an email can be viewed in the phone • Delete sent items, after how long time a sent email is deleted
6d Calendar synchronisation settings The user can enable/disable calendar synchronisation and set the date range for calendar items to be shown in the phone. It is also possible to reset calendar data, which erases all present calendar items in the phone. Data stored on the server is then downloaded in the next synchronisation.
6e Contacts synchronisation settings The user can enable/disable Contacts synchronisation and reset contacts data, which erases all present contacts items in the phone. Data stored on the server is then downloaded in the next synchronisation.
17
June 2010
Developers guidelines | Exchange Active Sync (EAS)
EAS client in Sony Ericsson feature phones Note: Before setting up the EAS client, an Internet account must be activated in the phone. Note: The actual layout of setup screens may differ slightly between phone models. 1 Synchronisation settings The user selects Settings – Connectivity from the desktop. Synchronisation settings are also available by selecting Organiser from the desktop.
2a New account The user selects the account type Exchange ActiveSync.
2b Name the account The user enters the name of the account.
3 Server settings The user enters the following: • Server address. URL of the Exchange server • Domain. The server domain the user belongs to in the corporate network • User name and password for login to the Exchange server, typically the user name and password used to login to the corporate network
18
June 2010
Developers guidelines | Exchange Active Sync (EAS)
4 Select data to synchronise The user checks which application data to synchronise.
5a Email synchronisation settings The user can edit email synchronisation settings, among others: • Message size, allowing the user to choose how much of an email can be viewed in the phone • Attachment size, allowing the user whether to download attachments or not, and if so, limit the maximum size of attachments to download • Date range, to allow limitation of how old emails from the Exchange inbox are shown in the phone • The user may also define a signature which will be included in all emails sent from the phone 5b Calendar synchronisation settings The user can set the date range for calendar items to be shown in the phone, up to 4 months back in time.
5c Advanced synchronisation settings The user can set Direct Push On or Off. If Push is set Off, the user may select an appropriate synchronisation schedule. There is also an option to allow synchronisation only on the Home Network or on all networks. SSL is enabled by setting Secure connection to On.
19
June 2010