Solved

Activesync unable to sync with exchange server

Posted on 2006-06-17
13
2,013 Views
Last Modified: 2009-07-29
I know this question has been asked a million times in many differnt forums but i have yet to find one that is similar to my problem.  

First of all to explain my problem i am trying to syncronize a new t-mobile mda and also a t-mobile sda via a 2003 exchange server.  Within active sync i am getting an error code 85010004 followed by a brief description of the problem:
"account in microsoft exchange server does not have permissions to syncronize wint your current settings"

Now i know many times it is a problem with an SSL certificate but that is not the case everything is set up perfectly.  I know this becasue it syncs for some users and not for others using the exact same phone. I have created a certificate and imported it into the phone and with user A everything works perfectly on phone number 1.  Now if i change phone number 1 to user A i get the error message.  The same with phone number 2, user A works perfectly and User B gets the error.  

Now out of the 6 accounts that need to be able to sync only about 3 of them work.  So im kinda of lost here as ive looked everywhere in all settings and i cannot find anywhere that would give access to activesync to some users and not to others.  And yes i have checked the mobile services option within active directory.  Outlook Mobile Access, User initiated synchronization, and up-to-date notifications are all enabled.  

What could be causing some users to work and others not to???????
0
Comment
Question by:taylorludwig
  • 7
  • 5
13 Comments
 
LVL 18

Expert Comment

by:amaheshwari
ID: 16926557
HTTP_403 85010004 A forbidden HTTP communication or protocol was used.
- OR -
Your account does not have permission to sync with your current settings. Contact your Microsoft Exchange administrator. Remove the item from the synchronization list.

cause:
1. The Microsoft-Server-ActiveSync virtual directory on your server is configured to require SSL and you are using a device without SSL.
2. The Exchange virtual directory on your mailbox server is configured to require SSL.
3. This error could occur if host headers are being used and the request goes to the wrong Web site.
Resolution:
1. On your Pocket PC 2003-based device, click Start, ActiveSync, Tools, Options, Server and check the box “This server uses an SSL connection”.
2. On your Smartphone 2003-based device, click Start, ActiveSync, Menu, Options, Server Settings, Connection and check the box “This server uses an SSL connection”.
3. Verify that host headers are configured correctly.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16926569
Are you attempting to use AUTD? If you are using a handheld with Windows Mobile 5.0 and MSFP then this feature is no longer used. If you made any settings to use AUTD you should undo them.

I always recommend that when changing users on a handheld that the device is hard reset. You may also want to look at the mobile admin tool (free download from Microsoft) to ensure that the handheld is not attached to a specific user account.

Simon.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16926730
I have a couple questions.

Where are the host headers and what would qualify them as set up correctly?
and
What is AUTD? and how would i disable that? is it an option for just certain users?

Everything else i have cheked.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16926936
I tried taking a look at the binding cleanup tool from microsoft i got it from this address http://www.microsoft.com/downloads/details.aspx?FamilyID=7fce5d4d-5d92-4210-9b96-a7fedca38325&displaylang=en   but i got this error in the log:

Starting Log...
Opened User File: C:\Documents and Settings\taludwig\Desktop\autd\BindingCleanup\users.txt
Object reference not set to an instance of an object.
Successfully enumerated AUTD bindings for: taludwig

but in the program it does show many any information to delete.  It has the same problem for the users that do work also.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16927479
Host headers are configured in IIS Manager. If you are using SSL then you cannot use host headers. Exchange in general doesn't play well with host headers.

AUTD is "Always Up To Date". It was how Microsoft did push before the MSFP feature set was released. It uses email to SMS gateways which are very common in the USA, but almost unheard of outside of the USA.

Make sure that you don't have require SSL enabled on either the /exchange virtual directory or the /Microsoft-Server-Activesync virtual directory in IIS Manager. That doesn't affect your ability to use SSL, just being able to require it.

Simon.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16927742
Everything is set up correctly.  I have tried the accounts that dont work without using AUTD and still get the same error.  Like i said before i really doubt its a problem with the SSL certificate or any global settings since half of the users work fine.  Where are all the possible places where there are mobile and activesync settings that you can ajust per user?

Also i dont know if it matters but im using SP1.  Some of the mobile tools only work on sp2 so i havent been able to use as many of microsfts digonostics tools as i would like to.
0
Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

 
LVL 104

Expert Comment

by:Sembee
ID: 16927890
Any reason you are still on SP1? The whole interface for EAS was changed in SP2. I would strongly advise going to SP2 as soon as possible. There is virtually no reason not to. It has been available for almost 12 months and is considered rock solid.

Simon.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16930598
No not really im looking into it right now.  Ive just never got around to it as our exchange has been stable as a rock no problems and i didnt see a reason to mess with it.  Do you think if i installed SP2 it might fix this problem?????
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16930792
I wouldn't say it would fix the problem - it might.
The thing is that the changes are significant enough that I cannot even remember how it worked on SP1. The number of people still running SP1 is very small, and most of the top experts will be on SP2 now.
Get on to SP2 and you are on a platform that is known and the issues with the mobile devices can be worked on. We are dealing with a problem involving OMA or EAS most days and have been for the last six weeks or so.

While I appreciate your reason for not going to the latest service pack - and it is the most common reason given - it is no longer a valid reason. Service Packs fix problems and more importantly patch security holes that have been found in the application. With the time between fix and exploit shortening all the time, you should install the service pack as soon as possible. I had it running on all sites that I manage within weeks of release.

Simon.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16932547
Alright i will try and get that on there the beggining of this week.  But i still need the original problem fixed.  Any suggestions? The options are still pretty similar to the point where whatever suggestins you have on SP2 i can work out on SP1
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 16940843
Since sp2 isnt really going to fix it i think im just going to do a fresh install of server and exchange on a differnt system.  Ive been wanting to upgrade to a nicer server this one is a getting kinda old.  Is there any other suggestions on how to fix it before i start from scratch?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 16946945
If you are going to move to a new server, then I would switch over to that one first. I don't believe in trying to get something old to work if you are going to replace it shortly afterwards with something new.

The fixes for EAS on SP2 are well documented. I have no idea if they will work on SP1 because I have never tried - and have no intention of doing so. As far as I am concerned there are no reasons not to go to Service Pack 2 for Exchange.

Simon.
0
 
LVL 3

Author Comment

by:taylorludwig
ID: 17014562
I know its been a while, we are currently in the process of testing a new server and setting it up hopefully after a fresh install it will just solve the problem.  There has been hardware issues this last week on the exchange server so its time to compltely upgrade.  Thanks for the responses.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now