Solved

AES/OMA/OWA work but Exchange still shows Server Active Sync Error Event id 3029.

Posted on 2007-03-26
11
2,691 Views
Last Modified: 2012-06-27
I have OWA, OMA, and AES all working.  OWA is enabled with certificate based authtentication.  All is well!  I have one Exchange Server in our organization.  I have only port 443 opened on my firewall.  I am still getting event id 3029, Server Active Sync Error on my exchange server.  I applied http://support.microsoft.com/default.aspx?kbid=817379 and that got me on the right track to send and recieve email on mobile smartphones.  OMA works with no problems too!  OWA is still on certificate base authentication and that works as well!.  I do not get the OMA error(event id 1503) as I did before I applied kb817379, but I still get event id 3029 for AES.  Should I worry about this?  Or is there a way to disable this error events?
0
Comment
Question by:scopeortho
  • 8
  • 3
11 Comments
 

Author Comment

by:scopeortho
ID: 18796589
I think I may have found my problem I believe I still had Require SSL on the AES directory.  I just disabled it right now.  So I will look at the logs later to see if I am still getting these errors.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18796597
If you are getting the error about require SSL being enabled, then you need to disable that option. Require SSL is not compatible with EAS, and you cannot have that option enabled on the virtual directory.

A common mistake and something that Microsoft do not make clear in 817379 is that you need to turn off FBA and Require SSL before doing the export of the /exchange virtual directory. If you don't then the broken configuration comes along with it.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18800172
You lost me at FBA I am not sure what that is???  I made sure that the Microsoft Active-Sync Virtual Directory and exchange-oma directory do not have Require SSL enabled.  And I set both of them to authenticate with Integrated Windows Authentication.  Is this correct???

Dennis
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 104

Expert Comment

by:Sembee
ID: 18800389
FBA is forms based authentication, the web page for login to OWA instead of the standard username and password prompt.

If the process is working then the authentication is correct. I haven't got access to a site configured in that way at the moment to check.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18801971
Sorry about FBA have not seen that abreviation.  Yeah all accesses work, but now my emails are not getting pushed to my mobile smartphone.  I have to initaite an ActiveSync on the mobile phone in order to recieve emails.  And when I initiate an ActiveSync it does it twice...  Should I redo the KB817379.  When I did this yesterday, I am more than positive that I disabled FBA before I saved the configuration.  But I did notice yesterday that RequireSSL was enabled on Microsoft Active-Sync Virtual Directory.  What do you think Simon?

Dennis
0
 

Author Comment

by:scopeortho
ID: 18802046
I am seeing that sometimes emails do get pushed to my mobile phone.  But I still at times have to manaully initiate an ActiveSync.

Dennis
0
 

Author Comment

by:scopeortho
ID: 18802077
AND!!! the Event ID Error is only when the Exchange Server pushes the emails to the mobile device.  Do I have a big problem with AES on my server?
0
 

Author Comment

by:scopeortho
ID: 18802660
I have been troubleshooting my Auto Up to Date on my Exchange and it is not working.  Before I implemented FBA on the Exchagne Server I had no issues at all.  Now when the Exchange server does initiate a push I get the Error 3029, and it pushes out the message to the device.  But that is only after I restart IIS, once it does one push then it will no longer do any pushes.  I can initaite an Active Sync on my device and all is good I do not get the error on the server.  So I am seeing that the AUTD on Exchange is still thinking that Active-Sync Directory has SSL required.  Does this mean that it is not looking at the right directory?  That what it looks like to me.  I looked at ActiveSync Logs from my device I could not decipher all that information.  I am working with this posting: http://msexchangeteam.com/archive/2006/04/03/424028.aspx and I have looked at the logs on my smartphone and IIS and I see these entries.  What I am not finding is the AUTDState.XML on my exchange server.  Is this a problem???

Dennis
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 18804256
If you have been pulling around the configuration of IIS, I would probably suggest that you reset the virtual directories
http://support.microsoft.com/default.aspx?kbid=883380

Remember to remove the registry key created as part of 817379.
Don't change anything else after resetting the virtual directories. If you have an SSL certificate in place, leave it alone. DO NOT enable forms based authentication.
See whether things work then.

Then reapply 817379, or my version of the instructions here: http://www.amset.info/exchange/mobile-85010014.asp

Only then enable forms based authentication.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18804272
I will try that this evening I will let you know how it goes...

Dennis
0
 

Author Comment

by:scopeortho
ID: 18808674
Simon, thanks for the help you also helped me out on a prior issue with SSL on Exchange for OWA.  You are awesome!  Anyways I tried method 3 form KB883380 and it did not re-create my Exchange Virtual Directories.  What I am planning to do next year is hopefully add a front end Exchange server so we can have a good configuration before migrating to Exchange 2007.  But that is down the road.  I cannot unfortunately bring OWA down since there are serveral users that gain access to their email via the web.  For right now I am not expecting many users on AES maybe up to 5 users only and they will not entirely depend on Mobile Access to their mailbox.  So I am not stressing AUTD on AES.  Since ActiveSync can be programmed to get message every 5 minutes and ther seems to be no issue with the Exchange Server I will leave the configuration as is.  If need be something goes entirely bad, I do have the documenation to re-create the directories rather than re-installing exchange and recovery the information store from back-up.  This is good I will add this to my disaster Recovery document for our Exchange Server.  AUDT still does one push of email and then stops working.  This leads me to beleive that there is something wrong with http directory since the PING command from the device is working properly.  But I will keep an eye on it.  As of now the problem is not resolved but the server is functional!  I am supprised that more people have not had the same issue as me since I know a lot of organization do not deploy FE/BE Exchange configurations.  Maybe people do not deploy Certificate FBA or do not allow OWA/OMA/AES access.  But these were the selling points of Exchange server and that is why we migrated from a POP3 email based configuration to Exchange.

Dennis
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question