Solved

Server Encountered a Problem. Support Code:85010014 when I try to sync to Exchange Server

Posted on 2006-12-01
25
658 Views
Last Modified: 2009-07-29
I am trying to do a better job of wrapping up issues here, but my problem is this; I have a Sprint PPC 6700 from AudioVox. I had the device working just fine on one Exchange 2003 Server, but I decided to switch to a server I am using more. So, I did a hard reset of the system wiping it clean and input the correct data. Now, everytime I try to sync to the server using the Cell Phone link (not Active Sync on the Laptop - although the result is the same there) I get the Error or support code 85010014. I am not finding anything that guides me to a solution with the server environment. Most of what I have found points to the Outlook-PDA relationship. Since I am not using that, I am not sure where to go from here. Any help would be greatly appreciated. I believe the server is setup correctly because I have other users with the very same model of phone (as well as some I600s) and they are not having any difficulties getting their devices to Sync. Mine is the only one out of six devices. PLEASE HELP!!! It is killing me to keep missing emails and not getting the updates from the office in my contacts. I didn't know how much I used the synchronization until it was gone.

Thanks,
Blaine
0
Comment
Question by:ber8630
  • 13
  • 7
  • 5
25 Comments
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18057759
What SSL certificate company are you using to provide Exchange-Activesync on your SBS box?

Michael
myfootsmells
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18057988
Well, actually even though you are synching over the air, Outlook can still be the problem.  Especially if it's modifying your Exchange mailbox with information that doesn't mesh up right with the info on your device... AND you say that the problem exists when you connect to your laptop as well.  There are all sorts of tags that Outlook and the device add to messages to let Exchange know what to do with the messages.  For instance, if you delete a message from your phone that has already been displayed in Outlook it still needs to be updated in Outlook.

So, you say that you switched Exchange servers... was there a previous mobile profile on your computer that may have been reinstalled?  Were you using the same Outlook for both? (assuming 2 profiles).

Listen to what you're seeing on the Net, a list of which is here:  http://www.pocketpcfaq.com/faqs/activesync/tshoot-as4x-85010014.htm

Also, are you using ActiveSync 4.2?

Jeff
TechSoEasy
0
 

Author Comment

by:ber8630
ID: 18070909
Michael

On this particular server, the SSL is home-grown (MS CA), but we have not been using SSL on this server for MS Exchange Active Sync. With so few users, we just have not felt the need so far.

Thanks,
Blain
0
 

Author Comment

by:ber8630
ID: 18071000
Jeff,

I didn't think about the fact that the Outlook Client could indeed affect the PDA/phone. Just in case it matters, I was trying to get the device to Sync with the server before I tried syncing with the PC to see if I got any different results. I did not, however, the local data such as note and such did sync with the PC successfully.

For your question about the different servers; both my phone and computer were syncing to another Exchange server under another completely different URL and it was using SSL. Then, later it got the point that I rarely did much with that organiation and second organization whom I do an increasing amount has Exchange running as well. I already had several users running for many months on this server, so I chose to make this my primary server for email, syncing, etc. This server does NOT use SSL. So, I switched my phone and computer over to the second server. The PC works fine and is under a clean profile. I did a hard reset on the PDA and have not gotten it so sync once. I did have at one point ann I600 syncing to this account, but that was more than a year ago when I was testing. Does that have an impact?

I was using AS 4.1 and did install AS 4.2 over the weekend, but no change on that. I am now reviewing the information that you provided in the URL above.

Thanks,
Blaine
0
 

Author Comment

by:ber8630
ID: 18071196
Jeff,

I did as the URL above suggested, I removed, rebooted, and then re-installed Outlook, and rebooted again. I did not get any change in results.

Thanks,
Blaine
0
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18071240
I'm pretty sure Exchange ActiveSync requires an SSL connection.  If you check out this article http://www.microsoft.com/technet/itsolutions/mobile/deploy/msfp_a.mspx and scroll down to the section titled "Configuring Certificate-Based Authentication for Exchange ActiveSync"

Since you're using a homegrown version of an SSL cert, you need to import that to your phone because by default Windows Mobile only supports the large companies.  You can find directions here http://blogs.msdn.com/windowsmobile/archive/2006/01/28/making_a_root_cert_cab_file.aspx

Hope this helps.

Michael
myfootsmells
0
 

Author Comment

by:ber8630
ID: 18071273
Michael,

Thanks for the update. I do plan on moving to SSL for the Mobile devices at some point, but I haven't had the time to do it correctly. In the meantime though, I have seven different users and devices syncing to the system with I600s and PPC6700s all syncing fine without SSL. The server I was using previously, I did use SSL there and was OK, I had to import the certificate and root authority as you mention above. But, since everyone else is working without it on this server, I am trying not to go down that road right now.

Thanks,
Blaine
0
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18071337
Blaine

Odd.  Have you checked the Event Viewer logs on the Exchange server when this person tries to connect?  Also have that user go to http://blitz-dc1/oma on the mobile phone and type in his username password.  The username will be in the format of username@domainname.com

Let me know

Michael
0
 

Author Comment

by:ber8630
ID: 18071520
Micheal,

I cleared all of the error logs from the server and then tried to sync, nothing happened. So, I tried going to the URL for our server with /oma. The username and password dialogue came up. I entered all the information, then I got a screen that said" Server Error in '/OMA' Application.

Runtime Error

Then it gives me scripting information for "custome errors."

Then I got back to the Error Log and notice one that references the OMA error with a great deal of information in it. It is below.

Thanks,
Blaine


Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 12/4/2006 2:17:34 PM
Event time (UTC): 12/4/2006 8:17:34 PM
Event ID: 9f53539e48f7451e9eebf7f709e83934
Event sequence: 2
Event occurrence: 1
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/1/root/OMA-1-128097370524062500
    Trust level: Full
    Application Virtual Path: /OMA
    Application Path: c:\program files\Exchsrvr\OMA\Browse\
    Machine name: CWC-SRVR
 
Process information:
    Process ID: 5056
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWORK SERVICE
 
Exception information:
    Exception type: InvalidOperationException
    Exception message: Collection was modified; enumeration operation may not execute.
 
Request information:
    Request URL: http://www.cwranch.net/oma/oma.aspx
    Request path: /oma/oma.aspx
    User host address: 70.183.89.11
    User:  
    Is authenticated: False
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE
 
Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWORK SERVICE
    Is impersonating: False
    Stack trace:    at System.Collections.ArrayList.ArrayListEnumeratorSimple.MoveNext()
   at Microsoft.Exchange.OMA.Tracing.OmaTrace.set_DebugOutputTracing(Boolean value)
   at Microsoft.Exchange.OMA.UserInterface.Global..ctor()
   at ASP.global_asax..ctor()
 
 
Custom event details:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18071763
It doesn't make any sense that you are able to connect to your server without SSL unless you've disabled the certificate check.

I would also think that even though you did a hard reset on the device, that there may still be a cache of some sorts left over that is causing an error.

But first, I would check to see if you can log into OMA from your Workstation on the LAN by going to http://<servername>/oma

If you can do that, then your account should be working fine.

The SBS - Mobile 5 Deployment instructions have a troubleshooting section at the bottom of http://sbsurl.com/mobile which states this:

Some Users are Not Able to Synchronize
If some users are not able to synchronize their devices while others can, perform the following checks:

• On the Exchange Features tab of the user account properties dialog, ensure that all mobile services are set to Enabled.
 
• Ensure that the device has Internet access by browsing to a Web site from the device.
 
• Some carriers require a SIM update to use data service. Check with your mobile operator for any such requirements.
 
• Ensure that the time and time zone is set properly on the device.
 
• Some devices cache the IP address of DNS names. If your Windows SBS server uses a dynamic IP address in conjunction with Internet services such as DynDNS.org, you may need to reset the device if your IP address changes.
 
• If you are using Smartphones, you may have to use a third-party certificate from a trusted CA.  Many Windows Mobile 5.0 powered Smartphone devices cannot use self-signed certificates.  However, all Pocket PC devices are capable of adding self-signed certificates, so they can work without third-party certificates.
 

The only two items that I think are relevant are Time Zone and DNS Cache.  Even though you aren't using a dynamic IP, your phone still could be caching the address.  

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18071822
Also, I don't know if you've reviewed this document lately, but it was just revised a couple of weeks ago.  It may be worth just going through the motions of EACH step.
http://www.microsoft.com/downloads/details.aspx?FamilyID=8be70d72-1e5a-4128-a30c-dafeeb43544d&displaylang=en

Jeff
TechSoEasy
0
 

Author Comment

by:ber8630
ID: 18072010
Jeff,

Thanks again for your help!!!!

As you know when you first set up the server, you can select whether you want to use SSL or not with a checkmark. All of our users on this server, which is not many, have that check mark deselected; thus, the disablecertchk.exe is not necessary--or at least so far.

I verified that the User Settings has all three of the mobile services enabled for my user.

When I access the www.cwranch.net/oma, It made me enter my username and password twice and then gave me the following:

Server Error in '/OMA' Application.
--------------------------------------------------------------------------------

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
 

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
 ____________________________________________________________________________________________________________________________________________________________________________________________
So, I decided to the same thing from the Server itself and I tried entering the same username and password credentials several times before it finally gave me this error:

You are not authorized to view this page
You do not have permission to view this directory or page using the credentials that you supplied.
--------------------------------------------------------------------------------

Please try the following:

Contact the Web site administrator if you believe you should be able to view this directory or page.
Click the Refresh button to try again with different credentials.
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Go to Microsoft Product Support Services and perform a title search for the words HTTP and 401.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled Authentication, Access Control, and About Custom Error Messages.

____________________________________________________________________________________________________________________________________________________________________________________________________

At that point, i decided to try logging on locally (at the server) and outside the firewall using an account  (username and password) I knew was working. Got the same issues and errors.

OK, I have not looked at the URL you gave me yet, I will look at it as well. Something seems to hit the back of my mind the SP1 for Exchange started those errors where I could not decisively point to anything not working. Case in point, I just check with two of my users, one with a 6700 and one with an I600 and they are still syncing just fine.

I am confused,
Blaine


0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 5

Expert Comment

by:myfootsmells
ID: 18072296
The users that are able to sync with their phones, can you have them try going to http://computername/oma?  Also, please confirm you're not using SSL w/ Exchange ActiveSync.

Launch IIS Manager
Expand Websites
Right Click Default Web Sites > Properties
Directory Security Tab
Under Secure communications frame are you able to click Edit?  If so Click Edit.
Is Require secure channel (SSL) checked?  Is Require 128-bit encryption checked?

Michael

0
 

Author Comment

by:ber8630
ID: 18072581
Michael,

I am able to get to the Secure Communications Dialogue and Require SSL is NOT checked; thus, the 128 Option is greyed out, but it is not checked either.

I will have to get back with someone in a little bit to see if I can get them to go to OMA. Everyone left me early today. I am obsessed with this problem.

I just downloaded the new build from Sprint, installed that on the phone, which effectively wipes the device clean and starts all over. It still gives me the 85010014 stuff.

Thanks again,
Blaine
0
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18072706
That's odd if you haven't disabled the cert check you MUST be running SSL to use Exchange ActiveSync.  I'm stumped for now, let me know what happens when those other users attempt to hit the oma site.  Jeff you have any thoughts on this?

Michael
0
 

Author Comment

by:ber8630
ID: 18072720
Micheal,

Just for clarification, when you first setup the device to sync with the server, it gives you the option to sync without SSL. I warns you about the risk of doing so, but it does allow you to do that. I have had to use disablecertchk.exe when using my home grown SSL certificate on the other server in the past, but I later upgraded the certficate and did not have to do that any longer. All of my users on this particular server have not had to disablecertchk because they have told it not to use SSL to begin with as we setup the device.

Thanks again,
Blaine
0
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18072905
Blaine

Yes I see that option "This server require an encrypted (SSL) connection."  From Microsoft's website regarding this issue:

Q.      Does Exchange ActiveSync require SSL authentication?
A.      It depends on the device. Windows Mobile 2002 powered devices connect over Secure Sockets Layer (SSL). Windows Mobile 2003 powered devices do not require SSL. However, it is strongly recommended that you use SSL to protect your data and credentials. To enable SSL authentication on Windows Mobile 2003 powered devices, in the ActiveSync Server Synchronization settings, select the This server uses an SSL connection option.

Well I don't know then.  Let's wait until the users who can sync try and log onto the OMA site.

Michael
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 18072918
It's possible that the permissions aren't set correctly in the IIS directories.  If you run the Configure Email and Internet Connection Wizard, then this should fix those issues.  

I was mistaken about disablecertchk because that's only valid for PPC 2002 and 2003, not Win Mobile 5.  But just to clarify, disablecertchk is not run on the Exchange server, but rather on the device.  So it's still possible that the device is looking for a proper ssl certificate.  I certainly wouldn't use ActiveSync without it.  

Apparently, there is a ROM update for the PPC 6700, so you do want to be sure you've installed that:
http://www4.sprint.com/pcsbusiness/support/downloads/index.jsp?internalId=downloads

Then, review this:  http://support.microsoft.com/kb/817379  which was the accepted answer here:  http:Q_22048573.html
Lastly, this was of help to another person with this same issue:  http://snipurl.com/142io

Jeff
TechSoEasy

0
 

Author Comment

by:ber8630
ID: 18076847
Jeff,

You are very helfpful, I am going over the links you gave me now, but I thougt I would let you know that the Build I am running right now on my 6700 is 14847.2.0.0. You are right, I use to run the disablecertchk.exe on my phone when I was on the other server and it had a home grown certificate. When I finally bit the bullet (we had too many phones being added to make it worth the effort), I turned that off. I was afraid that might have something with this issue, that is why i chose to wipe the machine completely clean. Once I get things stable with my phone and through the holidays I plan on getting SSL setiup on this other server. Please forgive my failure there. I know it is not a good idea, but this server/network environment, I volunteer to take care of, so I have to do it in my free time. Too much information I am sure.

Again, I appreciate your help, and I will let you know what I find out here in a minute.

Thanks,
Blaine
0
 

Author Comment

by:ber8630
ID: 18077595
Jeff,

While I am going down this road, I thought I would update you and let you know that running the Email and Internet Connection Wizard, nothing changed. I am still going over the KB articles and comparing them to the error logs. I will let you know what I find.

Thanks,
Blaine
0
 

Author Comment

by:ber8630
ID: 18077599
Michael,

Had another user check and they said they were getting they same error as I was, but they are able to sync still.

Thanks again,
Blaine
0
 
LVL 5

Expert Comment

by:myfootsmells
ID: 18078544
Hey Blaine

You could always secure your network and purchase a legit SSL certificate: https://www.thawte.com/process/retail/new_ssl123?language=en&productInfo.productType=fssl2

:)

I'm baffled.  Let me know what you find.

Michael
0
 

Author Comment

by:ber8630
ID: 18135058
Hello  Jeff and Michael,

I am sorry, I have a new building opening this week which is killing my trouble-shooting time as well as the wisdom teeth had to be removed. I just did not want you to think I was flaking.

Thanks for your patience.
Blaine
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18135074
Blaine...

We'll send some ice cream your way!

:-)
0
 

Author Comment

by:ber8630
ID: 18358800
Jeff & Michael,

I forgot, I was going to update you on what I found to be the problem after many agonizing hours with all the "moving parts." It is actually several items conspiring against me, but ultimately, I thought I had Exchange SP2 on this server, but I was wrong. After I ran the Best Practices utility, it showed that I was on SP1. I had forgotten from a previous nightmare that in versions prior to SP2 you could not have the primary email address of the user be something other than the primary SMTP address of the default recipient policy. That has been addressed in SP2 of Exchange and when I loaded that on, all went to syncing without me having to change my primary email address to match the primary SMTP for the default recipient policy. I hope this helps someone else. This is of course related to the Exchange Active Sync, not the Outlook local client sync. I could sync fine to the local Outlook client, but not the server.

Again, I thank you both for your help on this.

Thanks,
Blaine
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now