在 Exchange ActiveSync 客户端上实施配置
Posted
技术标签:
【中文标题】在 Exchange ActiveSync 客户端上实施配置【英文标题】:Implementing Provision on Exchange ActiveSync client 【发布时间】:2014-11-10 23:52:39 【问题描述】:我正在尝试编写支持 Exchange Active Sync 策略的客户端。现在我在实施 Provision 步骤时遇到了困难。我一直在关注 Microsoft 文档并检查了其他几个示例,我认为我正在采取正确的步骤。
首先,我发送一个 Provision Cmd,它返回一个带有临时策略密钥的策略。
其次,我使用步骤 1 中的策略密钥发送第二个 Provision Cmd。 但是,对此确认的响应看起来与第 1 步的响应相同。这让我相信确认并没有真正发生。
之后尝试使用其他 Cmd,例如 FolderSync,会导致响应状态码为 142 (DeviceNotProvisioned),这表明服务器认为我未配置。
如果服务器没有为我的用户强制执行任何策略,我可以成功使用 EAS 协议(同步电子邮件、日历等)。所以我相信 Exchange 设置正确。一定是我跳Provision Dance的方式有问题。
第 1 步:首次提供请求:
Request:
POST /Microsoft-Server-ActiveSync?User=user8&DeviceId=482049E2C44C47E38438410E418E9B02&DeviceType=iPhone&Cmd=Provision HTTP/1.1
Host: mail.blahtest.com
Content-Type: application/vnd.ms-sync.wbxml
X-MS-PolicyKey: 3769048351
Content-Length: 85
Connection: close
Proxy-Connection: close
Cookie: X-BackEndCookie=S-1-5-21-1158204237-3780276595-2398335240-1113=u56Lnp2ejJqBm5nNx8bOyZ3Sz5ubyNLLns7G0saazszSzZudnJmcmsbHzszNgYHOztDOz9DNz87L38bFysfFy8nfr7I=
User-Agent: CS Mail/1.0.5 (iPhone Simulator; ios 8.1; Scale/2.00)
MS-ASProtocolVersion: 14.1
Authorization: Basic <snip>
Accept-Encoding: gzip
<?xml version="1.0" encoding="utf-8"?>
<provision:Provision xmlns:provision="Provision:" xmlns:settings="Settings:">
<settings:DeviceInformation>
<settings:Set>
<settings:Model>iPhone Simulator</settings:Model>
<settings:OS>iPhone OS8.1</settings:OS>
</settings:Set>
</settings:DeviceInformation>
<provision:Policies>
<provision:Policy>
<provision:PolicyType>MS-EAS-Provisioning-WBXML</provision:PolicyType>
</provision:Policy>
</provision:Policies>
</provision:Provision>
Response:
HTTP/1.1 200 OK
Content-Type: application/vnd.ms-sync.wbxml
Content-Encoding: gzip
request-id: 51d04ea0-a14d-4ec7-8784-39e46668eb2a
X-TargetBEServer: blahtest.blahtest.com
X-DiagInfo: blahtest
Set-Cookie: X-BackEndCookie=S-1-5-21-1158204237-3780276595-2398335240-1113=u56Lnp2ejJqBm5nNx8bOyZ3Sz5ubyNLLns7G0saazszSzZudnJmcmsbHzszNgYHOztDOz9DNz87L38bFysfFy8nfr7I=; expires=Mon, 10-Nov-2014 21:58:46 GMT; path=/Microsoft-Server-ActiveSync; secure; HttpOnly
X-FEServer: blahtest
Date: Mon, 10 Nov 2014 21:48:46 GMT
Connection: close
Content-Length: 342
<?xml version="1.0"?>
<provision:Provision xmlns:airsync="AirSync" xmlns:provision="Provision" xmlns:settings="Settings">
<settings:DeviceInformation>
<settings:Status>1</settings:Status>
</settings:DeviceInformation>
<provision:Status>1</provision:Status>
<provision:Policies>
<provision:Policy>
<provision:PolicyType>MS-EAS-Provisioning-WBXML</provision:PolicyType>
<provision:Status>1</provision:Status>
<provision:PolicyKey>3769048351</provision:PolicyKey>
<provision:Data>
<provision:EASProvisionDoc>
<provision:DevicePasswordEnabled>1</provision:DevicePasswordEnabled>
<provision:AlphanumericDevicePasswordRequired>0</provision:AlphanumericDevicePasswordRequired>
<provision:PasswordRecoveryEnabled>0</provision:PasswordRecoveryEnabled>
<provision:RequireStorageCardEncryption>0</provision:RequireStorageCardEncryption>
<provision:AttachmentsEnabled>1</provision:AttachmentsEnabled>
<provision:MinDevicePasswordLength/>
<provision:MaxInactivityTimeDeviceLock>300</provision:MaxInactivityTimeDeviceLock>
<provision:MaxDevicePasswordFailedAttempts>5</provision:MaxDevicePasswordFailedAttempts>
<provision:MaxAttachmentSize/>
<provision:AllowSimpleDevicePassword>1</provision:AllowSimpleDevicePassword>
<provision:DevicePasswordExpiration/>
<provision:DevicePasswordHistory>0</provision:DevicePasswordHistory>
<provision:AllowStorageCard>1</provision:AllowStorageCard>
<provision:AllowCamera>1</provision:AllowCamera>
<provision:RequireDeviceEncryption>0</provision:RequireDeviceEncryption>
<provision:AllowUnsignedApplications>1</provision:AllowUnsignedApplications>
<provision:AllowUnsignedInstallationPackages>1</provision:AllowUnsignedInstallationPackages>
<provision:MinDevicePasswordComplexCharacters>3</provision:MinDevicePasswordComplexCharacters>
<provision:AllowWiFi>1</provision:AllowWiFi>
<provision:AllowTextMessaging>1</provision:AllowTextMessaging>
<provision:AllowPOPIMAPEmail>1</provision:AllowPOPIMAPEmail>
<provision:AllowBluetooth>2</provision:AllowBluetooth>
<provision:AllowIrDA>1</provision:AllowIrDA>
<provision:RequireManualSyncWhenRoaming>0</provision:RequireManualSyncWhenRoaming>
<provision:AllowDesktopSync>1</provision:AllowDesktopSync>
<provision:MaxCalendarAgeFilter>0</provision:MaxCalendarAgeFilter>
<provision:AllowhtmlEmail>1</provision:AllowHTMLEmail>
<provision:MaxEmailAgeFilter>0</provision:MaxEmailAgeFilter>
<provision:MaxEmailBodyTruncationSize>-1</provision:MaxEmailBodyTruncationSize>
<provision:MaxEmailHTMLBodyTruncationSize>-1</provision:MaxEmailHTMLBodyTruncationSize>
<provision:RequireSignedSMIMEMessages>0</provision:RequireSignedSMIMEMessages>
<provision:RequireEncryptedSMIMEMessages>0</provision:RequireEncryptedSMIMEMessages>
<provision:RequireSignedSMIMEAlgorithm>0</provision:RequireSignedSMIMEAlgorithm>
<provision:RequireEncryptionSMIMEAlgorithm>0</provision:RequireEncryptionSMIMEAlgorithm>
<provision:AllowSMIMEEncryptionAlgorithmNegotiation>2</provision:AllowSMIMEEncryptionAlgorithmNegotiation>
<provision:AllowSMIMESoftCerts>1</provision:AllowSMIMESoftCerts>
<provision:AllowBrowser>1</provision:AllowBrowser>
<provision:AllowConsumerEmail>1</provision:AllowConsumerEmail>
<provision:AllowRemoteDesktop>1</provision:AllowRemoteDesktop>
<provision:AllowInternetSharing>1</provision:AllowInternetSharing>
<provision:UnapprovedInROMApplicationList/>
<provision:ApprovedApplicationList/>
</provision:EASProvisionDoc>
</provision:Data>
</provision:Policy>
</provision:Policies>
</provision:Provision>
第 2 步:第二条规定(意为确认):
Request:
POST /Microsoft-Server-ActiveSync?User=user8&DeviceId=482049E2C44C47E38438410E418E9B02&DeviceType=iPhone&Cmd=Provision HTTP/1.1
Host: mail.blahtest.com
Content-Type: application/vnd.ms-sync.wbxml
X-MS-PolicyKey: 3769048351
Content-Length: 85
Cookie: X-BackEndCookie=S-1-5-21-1158204237-3780276595-2398335240-1113=u56Lnp2ejJqBm5nNx8bOyZ3Sz5ubyNLLns7G0saazszSzZudnJmcmsbHzszNgYHOztDOz9DNz87L38bFysfFy8nfr7I=
User-Agent: CS Mail/1.0.5 (iPhone Simulator; iOS 8.1; Scale/2.00)
MS-ASProtocolVersion: 14.1
Authorization: Basic <snip>
Accept-Encoding: gzip
<?xml version="1.0" encoding="utf-8"?>
<provision:Provision xmlns:provision="Provision:">
<provision:Policies>
<provision:Policy>
<provision:PolicyType>MS-EAS-Provisioning-WBXML</provision:PolicyType>
<provision:PolicyKey>3769048351</provision:PolicyKey>
<provision:Status>1</provision:Status>
</provision:Policy>
</provision:Policies>
</provision:Provision>
Response:
HTTP/1.1 200 OK
Content-Type: application/vnd.ms-sync.wbxml
Content-Encoding: gzip
request-id: 3f9b10d1-2012-4df0-93c2-427cb37b8dfd
X-TargetBEServer: blahtest.blahtest.com
X-DiagInfo: blahtest
Set-Cookie: X-BackEndCookie=S-1-5-21-1158204237-3780276595-2398335240-1113=u56Lnp2ejJqBm5nNx8bOyZ3Sz5ubyNLLns7G0saazszSzZudnJmcmsbHzszNgYHOztDOz9DNz87L387Pxc/Nxc3K36+y; expires=Mon, 10-Nov-2014 22:02:25 GMT; path=/Microsoft-Server-ActiveSync; secure; HttpOnly
X-FEServer: blahtest
Date: Mon, 10 Nov 2014 21:52:25 GMT
Connection: close
Content-Length: 342
<?xml version="1.0"?>
<provision:Provision xmlns:airsync="AirSync" xmlns:provision="Provision" xmlns:settings="Settings">
<settings:DeviceInformation>
<settings:Status>1</settings:Status>
</settings:DeviceInformation>
<provision:Status>1</provision:Status>
<provision:Policies>
<provision:Policy>
<provision:PolicyType>MS-EAS-Provisioning-WBXML</provision:PolicyType>
<provision:Status>1</provision:Status>
<provision:PolicyKey>3769048351</provision:PolicyKey>
<provision:Data>
<provision:EASProvisionDoc>
<provision:DevicePasswordEnabled>1</provision:DevicePasswordEnabled>
<provision:AlphanumericDevicePasswordRequired>0</provision:AlphanumericDevicePasswordRequired>
<provision:PasswordRecoveryEnabled>0</provision:PasswordRecoveryEnabled>
<provision:RequireStorageCardEncryption>0</provision:RequireStorageCardEncryption>
<provision:AttachmentsEnabled>1</provision:AttachmentsEnabled>
<provision:MinDevicePasswordLength/>
<provision:MaxInactivityTimeDeviceLock>300</provision:MaxInactivityTimeDeviceLock>
<provision:MaxDevicePasswordFailedAttempts>5</provision:MaxDevicePasswordFailedAttempts>
<provision:MaxAttachmentSize/>
<provision:AllowSimpleDevicePassword>1</provision:AllowSimpleDevicePassword>
<provision:DevicePasswordExpiration/>
<provision:DevicePasswordHistory>0</provision:DevicePasswordHistory>
<provision:AllowStorageCard>1</provision:AllowStorageCard>
<provision:AllowCamera>1</provision:AllowCamera>
<provision:RequireDeviceEncryption>0</provision:RequireDeviceEncryption>
<provision:AllowUnsignedApplications>1</provision:AllowUnsignedApplications>
<provision:AllowUnsignedInstallationPackages>1</provision:AllowUnsignedInstallationPackages>
<provision:MinDevicePasswordComplexCharacters>3</provision:MinDevicePasswordComplexCharacters>
<provision:AllowWiFi>1</provision:AllowWiFi>
<provision:AllowTextMessaging>1</provision:AllowTextMessaging>
<provision:AllowPOPIMAPEmail>1</provision:AllowPOPIMAPEmail>
<provision:AllowBluetooth>2</provision:AllowBluetooth>
<provision:AllowIrDA>1</provision:AllowIrDA>
<provision:RequireManualSyncWhenRoaming>0</provision:RequireManualSyncWhenRoaming>
<provision:AllowDesktopSync>1</provision:AllowDesktopSync>
<provision:MaxCalendarAgeFilter>0</provision:MaxCalendarAgeFilter>
<provision:AllowHTMLEmail>1</provision:AllowHTMLEmail>
<provision:MaxEmailAgeFilter>0</provision:MaxEmailAgeFilter>
<provision:MaxEmailBodyTruncationSize>-1</provision:MaxEmailBodyTruncationSize>
<provision:MaxEmailHTMLBodyTruncationSize>-1</provision:MaxEmailHTMLBodyTruncationSize>
<provision:RequireSignedSMIMEMessages>0</provision:RequireSignedSMIMEMessages>
<provision:RequireEncryptedSMIMEMessages>0</provision:RequireEncryptedSMIMEMessages>
<provision:RequireSignedSMIMEAlgorithm>0</provision:RequireSignedSMIMEAlgorithm>
<provision:RequireEncryptionSMIMEAlgorithm>0</provision:RequireEncryptionSMIMEAlgorithm>
<provision:AllowSMIMEEncryptionAlgorithmNegotiation>2</provision:AllowSMIMEEncryptionAlgorithmNegotiation>
<provision:AllowSMIMESoftCerts>1</provision:AllowSMIMESoftCerts>
<provision:AllowBrowser>1</provision:AllowBrowser>
<provision:AllowConsumerEmail>1</provision:AllowConsumerEmail>
<provision:AllowRemoteDesktop>1</provision:AllowRemoteDesktop>
<provision:AllowInternetSharing>1</provision:AllowInternetSharing>
<provision:UnapprovedInROMApplicationList/>
<provision:ApprovedApplicationList/>
</provision:EASProvisionDoc>
</provision:Data>
</provision:Policy>
</provision:Policies>
</provision:Provision>
第 3 步(失败,状态为 142):下一个命令,例如 FolderSync:
Request:
POST /Microsoft-Server-ActiveSync?User=user8&DeviceId=482049E2C44C47E38438410E418E9B02&DeviceType=iPhone&Cmd=FolderSync HTTP/1.1
Host: mail.blahtest.com
Content-Type: application/vnd.ms-sync.wbxml
X-MS-PolicyKey: 3769048351
Content-Length: 13
Connection: close
Proxy-Connection: close
Cookie: X-BackEndCookie=S-1-5-21-1158204237-3780276595-2398335240-1113=u56Lnp2ejJqBm5nNx8bOyZ3Sz5ubyNLLns7G0saazszSzZudnJmcmsbHzszNgYHOztDOz9DNz87L387Pxc/Nxc3K36+y
User-Agent: CS Mail/1.0.5 (iPhone Simulator; iOS 8.1; Scale/2.00)
MS-ASProtocolVersion: 14.1
Authorization: Basic <snip>
Accept-Encoding: gzip
响应的状态为 142 (DeviceNotProvisioned) 这让我相信确认没有正确发生。
【问题讨论】:
你的序列看起来是正确的,FWIW。两个规定,第二个返回实际的 PolicyKey。不知道为什么会失败。 如何将 NSData 转换为 WBXML?你能分享一些你的想法吗?我正在开发一个需要集成 ActiveSync 协议的应用程序,您能指导我吗? 【参考方案1】:我可能错了,但我认为第二个请求的 X-MS-PolicyKey 标头应该是:
X-MS-PolicyKey:0
【讨论】:
其实我认为在第一个请求它应该是 0,然后在第二个它应该被填充。这表明客户收到了由 3769048351 临时标识的策略。我确实确保为第一次请求发送策略密钥 0,但不幸的是仍然看到问题。 但是您在请求正文中不是已经有了它吗?我的假设是基于流量,我通过代理捕获和分析,由 android ActiveSync 客户端生成 我刚刚检查并为我工作,同时使用 JMeter 编写 ActiveSync 测试计划【参考方案2】:我的代码中存在一个问题,即没有在帖子正文中正确设置 PolicyKey。我现在开始工作了。
【讨论】:
以上是关于在 Exchange ActiveSync 客户端上实施配置的主要内容,如果未能解决你的问题,请参考以下文章
如何将 PC 桌面邮件客户端同步到 Exchange Activesync 服务器?
Exchange 2007 ActiveSync - 重新创建 IIS 虚拟目录
通过 Exchange ActiveSync (EAS) 为 Office365 使用 OAuth2
Exchange Web Service 与 Exchange ActiveSync(或者当您可以免费获得奶牛时,为啥还要购买牛奶?)