Solved

Exchange 2003: ActiveSync on mobile phone errors when password expires and is changed, how can I prevent?

Posted on 2008-06-19
12
922 Views
Last Modified: 2012-05-05
We've had an annoying problem with Exchange Server 2003 on our side that I have not been able to find a fix for up to this point. I'm hoping you can help.

We have Windows Mobile phones and set them up to sync over the air with our Exchange Server. It works wonderfully ... until the end user changes their password, either as a result of expiration or choice. After that, the phone fails to synchronize, brings up a View Status screen, and the error it shows is the following:

ActiveSync encountered a problem on the server.

View Support Code (Support Code: 0x85010001)

The only way I can fix it is to delete the entire ActiveSync partnership, reboot the phone (either warm reset or battery removal and re-plugin) and then rebuild the partnership from the ground up. This is creating a lot of support calls, and is very hard to explain to the end user when they are on the road and cannot get to their e-mail.

This happens on all of our AT&T phones across the board (Blackjack 1 and 2, 8125, 8525, Tilt), so I'm sure it's either a Windows Mobile setting I need to hack in, or more likely, a setting on the Exchange Server I need to take a look at. Would anyone here know the first place to look?

Thanks!
0
Comment
Question by:sav2880
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
12 Comments
 
LVL 20

Expert Comment

by:jdera
ID: 21822144
Have you checked the permissions on the activesync virtual directory within IIS?
0
 
LVL 1

Expert Comment

by:DAN_KANN
ID: 21823137
If they change the password in AD are they changing it in the device too? Go into the Activesync on the device and check the server settings. The password will need to be updated there too.
0
 
LVL 2

Author Comment

by:sav2880
ID: 21823874
jdera: I will check ... what should the permissions be in best practice?

DAN_KANN: They are never prompted to change the password, I would think that they would be. I agree, the password should be changed in the device too, but it seems like it should give me a "wrong password, try again" message and not an ActiveSync straight-up error and a completely unsuccessful sync.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 1

Expert Comment

by:DAN_KANN
ID: 21823972
You would think it would be that simple and straight forth. I am the only one currently using the MotoQ9c the rest of our guys with mobile devices are using BlackBerrys synching through the BIS server. When ever a password is changed in AD I have to log into the BIS site and manually change it otherwise they will stop getting their email and not even get a notification.

What is the error message that you have gotten?

Have you tried to recreate the error and then update the password in the device to see if that resolves it?
0
 
LVL 2

Author Comment

by:sav2880
ID: 21824184
The error message has always been like the one noted above. When it happens, it'll act like it's going to sync and then quickly give up. Not sure why it doesn't always bring up a "wrong password" message.
0
 
LVL 20

Expert Comment

by:jdera
ID: 21824465
Here is a good step by step including the permissions I mentioned.

http://www.riverbank.co.uk/home/support/knowledge-base/r1403

0
 
LVL 1

Accepted Solution

by:
DAN_KANN earned 500 total points
ID: 21824947
I would put money on it being the password needing to be changed if. I am assuming that the only devices failing are the ones where users have changed their passwords. You did not specify this.
0
 
LVL 1

Expert Comment

by:DAN_KANN
ID: 21825437
I was thinking about something you posted earlier... Are they being prompted to change their password on their mobile device or their Active Directory password?

0
 
LVL 2

Author Comment

by:sav2880
ID: 21827823
Guess I should have specified this ... thought I had stated it clearly, but I'll go for it.

You are correct. The only devices failing are ones where the AD password has been changed. It doesn't really matter where it's changed (by an admin in ADUC, by the end user when the password has expired or changed by the end user by choice). Once that password has been changed, the mobile device then fails to sync, and does not ever offer a "wrong password" message offering to update the password on the device ... just that error.

What I want it to do is properly note that the password is wrong, allow it to be updated on the mobile device, and then trot along as normal. So DAN_KAHN, you're on to how the error comes to be, just need to get to how to eliminate it.

jdera: Checking that post now.
0
 
LVL 1

Expert Comment

by:DAN_KANN
ID: 21830725
I don't believe you are going to be able to automatically rectify the situation. I tested this myself this morning and got the same thing. As I am not an expert on this, it's my opinion that you are going to have to have your users manually update the password on their mobile devices when they change it. If for some reason you have to reset it in AD then they will obviously be aware of this and will know to change it then too.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Find out what you should include to make the best professional email signature for your organization.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video discusses moving either the default database or any database to a new volume.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question