?
Solved

AES/OMA/OWA work but Exchange still shows Server Active Sync Error Event id 3029.

Posted on 2007-03-26
11
Medium Priority
?
2,712 Views
Last Modified: 2012-06-27
I have OWA, OMA, and AES all working.  OWA is enabled with certificate based authtentication.  All is well!  I have one Exchange Server in our organization.  I have only port 443 opened on my firewall.  I am still getting event id 3029, Server Active Sync Error on my exchange server.  I applied http://support.microsoft.com/default.aspx?kbid=817379 and that got me on the right track to send and recieve email on mobile smartphones.  OMA works with no problems too!  OWA is still on certificate base authentication and that works as well!.  I do not get the OMA error(event id 1503) as I did before I applied kb817379, but I still get event id 3029 for AES.  Should I worry about this?  Or is there a way to disable this error events?
0
Comment
Question by:scopeortho
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
11 Comments
 

Author Comment

by:scopeortho
ID: 18796589
I think I may have found my problem I believe I still had Require SSL on the AES directory.  I just disabled it right now.  So I will look at the logs later to see if I am still getting these errors.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18796597
If you are getting the error about require SSL being enabled, then you need to disable that option. Require SSL is not compatible with EAS, and you cannot have that option enabled on the virtual directory.

A common mistake and something that Microsoft do not make clear in 817379 is that you need to turn off FBA and Require SSL before doing the export of the /exchange virtual directory. If you don't then the broken configuration comes along with it.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18800172
You lost me at FBA I am not sure what that is???  I made sure that the Microsoft Active-Sync Virtual Directory and exchange-oma directory do not have Require SSL enabled.  And I set both of them to authenticate with Integrated Windows Authentication.  Is this correct???

Dennis
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 104

Expert Comment

by:Sembee
ID: 18800389
FBA is forms based authentication, the web page for login to OWA instead of the standard username and password prompt.

If the process is working then the authentication is correct. I haven't got access to a site configured in that way at the moment to check.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18801971
Sorry about FBA have not seen that abreviation.  Yeah all accesses work, but now my emails are not getting pushed to my mobile smartphone.  I have to initaite an ActiveSync on the mobile phone in order to recieve emails.  And when I initiate an ActiveSync it does it twice...  Should I redo the KB817379.  When I did this yesterday, I am more than positive that I disabled FBA before I saved the configuration.  But I did notice yesterday that RequireSSL was enabled on Microsoft Active-Sync Virtual Directory.  What do you think Simon?

Dennis
0
 

Author Comment

by:scopeortho
ID: 18802046
I am seeing that sometimes emails do get pushed to my mobile phone.  But I still at times have to manaully initiate an ActiveSync.

Dennis
0
 

Author Comment

by:scopeortho
ID: 18802077
AND!!! the Event ID Error is only when the Exchange Server pushes the emails to the mobile device.  Do I have a big problem with AES on my server?
0
 

Author Comment

by:scopeortho
ID: 18802660
I have been troubleshooting my Auto Up to Date on my Exchange and it is not working.  Before I implemented FBA on the Exchagne Server I had no issues at all.  Now when the Exchange server does initiate a push I get the Error 3029, and it pushes out the message to the device.  But that is only after I restart IIS, once it does one push then it will no longer do any pushes.  I can initaite an Active Sync on my device and all is good I do not get the error on the server.  So I am seeing that the AUTD on Exchange is still thinking that Active-Sync Directory has SSL required.  Does this mean that it is not looking at the right directory?  That what it looks like to me.  I looked at ActiveSync Logs from my device I could not decipher all that information.  I am working with this posting: http://msexchangeteam.com/archive/2006/04/03/424028.aspx and I have looked at the logs on my smartphone and IIS and I see these entries.  What I am not finding is the AUTDState.XML on my exchange server.  Is this a problem???

Dennis
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1000 total points
ID: 18804256
If you have been pulling around the configuration of IIS, I would probably suggest that you reset the virtual directories
http://support.microsoft.com/default.aspx?kbid=883380

Remember to remove the registry key created as part of 817379.
Don't change anything else after resetting the virtual directories. If you have an SSL certificate in place, leave it alone. DO NOT enable forms based authentication.
See whether things work then.

Then reapply 817379, or my version of the instructions here: http://www.amset.info/exchange/mobile-85010014.asp

Only then enable forms based authentication.

Simon.
0
 

Author Comment

by:scopeortho
ID: 18804272
I will try that this evening I will let you know how it goes...

Dennis
0
 

Author Comment

by:scopeortho
ID: 18808674
Simon, thanks for the help you also helped me out on a prior issue with SSL on Exchange for OWA.  You are awesome!  Anyways I tried method 3 form KB883380 and it did not re-create my Exchange Virtual Directories.  What I am planning to do next year is hopefully add a front end Exchange server so we can have a good configuration before migrating to Exchange 2007.  But that is down the road.  I cannot unfortunately bring OWA down since there are serveral users that gain access to their email via the web.  For right now I am not expecting many users on AES maybe up to 5 users only and they will not entirely depend on Mobile Access to their mailbox.  So I am not stressing AUTD on AES.  Since ActiveSync can be programmed to get message every 5 minutes and ther seems to be no issue with the Exchange Server I will leave the configuration as is.  If need be something goes entirely bad, I do have the documenation to re-create the directories rather than re-installing exchange and recovery the information store from back-up.  This is good I will add this to my disaster Recovery document for our Exchange Server.  AUDT still does one push of email and then stops working.  This leads me to beleive that there is something wrong with http directory since the PING command from the device is working properly.  But I will keep an eye on it.  As of now the problem is not resolved but the server is functional!  I am supprised that more people have not had the same issue as me since I know a lot of organization do not deploy FE/BE Exchange configurations.  Maybe people do not deploy Certificate FBA or do not allow OWA/OMA/AES access.  But these were the selling points of Exchange server and that is why we migrated from a POP3 email based configuration to Exchange.

Dennis
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month9 days, 2 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question